Y
Hacker News
new
|
ask
|
show
|
jobs
by
anoojb
1907 days ago
Thanks Nat. What if we made new GitHub Actions temporarily only available to users with a verified second factor?
Could temporarily reduce the population of abusers while we figure out a more sustainable strategy?
1 comments
chatmasta
1907 days ago
A TOTP code response is trivial to implement on the client. So if you wanted this to be meaningful, you would need to force users to use SMS 2FA, which is widely considered insecure. Not a great solution IMO.
link