Rollout plan for critical projects 2FA requirement #12308

di · 2022-10-03T19:00:18Z

Breaking this out from #11625. The following steps should be followed to roll out the critical projects 2FA requirement:

Resolve Mandatory 2FA with existing users without 2FA vulnerable to account takeover #11850
Evaluate how many critical project maintainers will be affected by enabling the mandate.
- Ideally this is non-zero, but likely that some projects/maintainers may be unresponsive
- Depending on the size, potentially do some manual comms to affected maintainers
Set TWOFACTORMANDATE_ENABLED to True
- This makes 2FA required for critical projects and completes the rollout
Tweets/announcements about this milestone

The text was updated successfully, but these errors were encountered:

di mentioned this issue Oct 3, 2022

Rollout plan for critical projects promo #11625

Closed

8 tasks

di added the meta Meta issues (rollouts, etc) label Oct 3, 2022

miketheman added the security Security-related issues and pull requests label Mar 30, 2023

dstufft added the 2FA label May 26, 2023

di mentioned this issue Jun 1, 2023

Remove critical designation email #13832

Merged

di closed this as completed in #13832 Jun 1, 2023

Provide feedback