Sorry for the geek post…

  • Bilb!@lem.monster
    link
    fedilink
    English
    arrow-up
    20
    ·
    1 year ago

    I don’t think so. Enforcing two-factor auth to be allowed to do certain things with an account just makes sense. It’s definitely not an attempt to squeeze profit out of users per se, but rather an attempt to limit liability and the risk of costly support problems caused by passwords being compromised.

    • m-p{3}@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I think it’s even more important with contributors of large projects and libraries used by a vast amount of software out there.

      It’s not inconceivable that someone’s account gets hijacked, and someone uses their trusted account to add a small snippet of malicious code in a commit, enabling a supply-chain attack.