[wp-meta] [Making WordPress.org] #3498: Two-Factor authorization to SVN

Making WordPress.org noreply at wordpress.org
Thu Mar 8 12:59:14 UTC 2018


#3498: Two-Factor authorization to SVN
-----------------------+-----------------
 Reporter:  tazotodua  |      Owner:
     Type:  defect     |     Status:  new
 Priority:  normal     |  Milestone:
Component:  General    |   Keywords:
-----------------------+-----------------
 Hi.
 I think it's a kinda of security vulnerability, that WP.org doesnt use
 2-factor authorization - while we login here, on wp.org, or while
 authenticating in SVN (like TortoiseSVN or etc.. when submiting plugin or
 theme).

 So, if someone know plain text password, he can cause quite unexpected
 problems.
 It mostly concerns to SNV access for plugins/users, that have thousands of
 customers.

 Yes, there is email notificaiton when change happens on SVN, but it'll be
 good there was 2 factor auth while trying to login to SVN.

--
Ticket URL: <https://meta.trac.wordpress.org/ticket/3498>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org


More information about the wp-meta mailing list