On 09/05/2013 01:01 PM, Ian Weller wrote: > On Thu, Sep 05, 2013 at 04:50:04PM +0200, Pierre-Yves Chibon wrote: >> 3) Ask for password, validate, then ask for 2 fa is set up +1, my first instinct was this method as well, and yes it is something that a lot of other sites with 2fa seem to be doing (two other examples to add to your list are digitalocean and amazon aws). The extra security seems worth it. -Ricky
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
