GitHub will require 2FA for some NPM registry users
In light of two recent security incidents impacting the popular NPM registry for JavaScript packages, GitHub will require 2FA (two-factor authentication) for maintainers and admins of popular packages on NPM.The 2FA policy, intended to protect against account takeovers, will be put in place starting with a cohort of top packages in the first quarter of 2022, GitHub said in a bulletin published on November 15. GitHub became stewards of the registry after acquiring NPM in 2020.To read this article in full, please click here
In light of two recent security incidents impacting the popular NPM registry for JavaScript packages, GitHub will require 2FA (two-factor authentication) for maintainers and admins of popular packages on NPM.
The 2FA policy, intended to protect against account takeovers, will be put in place starting with a cohort of top packages in the first quarter of 2022, GitHub said in a bulletin published on November 15. GitHub became stewards of the registry after acquiring NPM in 2020.