'Re: Gitlab update, 2FA now mandatory'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-community
Subject:    Re: Gitlab update, 2FA now mandatory
From:       Ben Cooksley <bcooksley () kde ! org>
Date:       2022-10-28 20:57:16
Message-ID: CA+XidOFcpNSE8rCPbh1t4vdmSJ5L7N4GO=dP=6r_B-yjB6A3cw () mail ! gmail ! com
[Download RAW message or body]

Hi all,

Following some additional analysis of the situation I've now adjusted the
policy surrounding enforced use of 2FA.

Going forward it will only be enforced on people who are one of the
following:
- KDE Developers
- KDE e.V. Members (including the Board)
- KDE e.V. Staff (whether they be contractors or employees)

In addition, 2FA may be enforced on any person who has access to a system
that contains sensitive information, including but not limited to
stats.kde.org, metrics.kde.org and collaborate.kde.org, or who has
additional privileges on those systems outside of those granted to users by
default. It may also be enforced if a person becomes involved in a project
in a meaningful way (ie. a long term contributor) that does not result in
them obtaining a developer account or access to sensitive information.

Cheers,
Ben

[Attachment #3 (text/html)]

<div dir="ltr">Hi all,<div><br></div><div>Following some additional analysis of the \
situation I&#39;ve now adjusted  the policy surrounding enforced use of \
2FA.</div><div><br></div><div>Going forward it will only be enforced on people who \
are one of the following:</div><div>- KDE Developers</div><div>- KDE e.V. Members \
(including the Board)</div><div>- KDE e.V. Staff (whether they be contractors or \
employees)</div><div><br></div><div>In addition, 2FA may be enforced on any person \
who has access to a system that contains sensitive information, including but not \
limited to <a href="http://stats.kde.org">stats.kde.org</a>, <a \
href="http://metrics.kde.org">metrics.kde.org</a> and <a \
href="http://collaborate.kde.org">collaborate.kde.org</a>, or who has additional \
privileges on those systems outside of those granted to users by default. It may also \
be enforced if a person becomes involved in a project in a meaningful way (ie. a long \
term contributor) that does not result in them obtaining a developer account or \
access to sensitive information.</div><div><br></div><div>Cheers,</div><div>Ben</div></div>




[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic