[wp-meta] [Making WordPress.org] #3498: Two-Factor authorization to SVN
Making WordPress.org
noreply at wordpress.org
Thu Mar 8 12:59:14 UTC 2018
#3498: Two-Factor authorization to SVN
-----------------------+-----------------
Reporter: tazotodua | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: General | Keywords:
-----------------------+-----------------
Hi.
I think it's a kinda of security vulnerability, that WP.org doesnt use
2-factor authorization - while we login here, on wp.org, or while
authenticating in SVN (like TortoiseSVN or etc.. when submiting plugin or
theme).
So, if someone know plain text password, he can cause quite unexpected
problems.
It mostly concerns to SNV access for plugins/users, that have thousands of
customers.
Yes, there is email notificaiton when change happens on SVN, but it'll be
good there was 2 factor auth while trying to login to SVN.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/3498>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list