On Wed, Aug 11, 2021 at 07:00:50PM +0800, lilinchao@xxxxxxxxxx wrote: > Many websites support two-factor authentication(2FA) to log in, like Github, I wander if we can support it in application layer. > When client clone something, they need input username and password, it is like a website login process. For security, we can > enable 2FA during this process. As you well know, "cloning" a repository can be done via any number of mechanisms: 1. locally from another repository on disk 2. locally, from a git bundle file 3. remotely, using the anonymous git:// protocol 4. remotely, using ssh or http(s) protocols 2-factor authentication does not make sense in the first three cases (you already have access to all the objects with 1 and 2, and the git:// protocol is public and anonymous by design). For the ssh/https scheme, 2fa is already supported by the underlying protocol, so it does not make sense for git to implement it again on the application level. Hope this helps. -K