>On 8/11/2021 7:00 AM, lilinchao@xxxxxxxxxx wrote: >> Many websites support two-factor authentication(2FA) to log in, like Github, I wander if we can support it in application layer. >> When client clone something, they need input username and password, it is like a website login process. For security, we can >> enable 2FA during this process. > >Typically, this is handled at the credential helper layer, which >is a tool outside of the Git codebase that can more closely work >with such 2FA/MFA requirements. For example, GCM Core [1] supports >2FA with GitHub, Azure DevOps, and BitBucket. > >[1] https://github.com/microsoft/Git-Credential-Manager-Core > >The mechanism is that Git attempts an operation and gets an error >code, so it asks for a credential from the helper. The helper >then communicates with the server to do whatever authentication >is required, including possibly performing multi-factor auth. >All of these details are hidden from Git, which is good. > Indeed, this is good, I've experienced this tool these days at WSL and Windows, but finally I hope these features can be supported by Git itself, and then the user end can easily configure it. >I've CC'd Matthew Cheetham who is the maintainer of GCM Core to >correct me if I misstated anything here. Thanks.
