Join GitHub today
[RFC] Workflow of multi-factor authentication of RubyGems #1725
Updated on Sep. 1st
Hello, I'm going to adding multi-factor authentication feature to our
Workflow of my implementation is below:
For any concern with compatibility with your auth app or device, it uses TOTP (a time-based OTP generation algorithm), which is compatible with most of 2fa auth apps.
Implementation of both client and server should keep compatible with old clients or private gem servers without MFA related code.
There're several decisions to be made.
Any comments are welcome.