Making WordPress.org

Opened 23 months ago

Closed 23 months ago

Last modified 23 months ago

#3498 closed defect (duplicate)

Two-Factor authorization to SVN

Reported by: tazotodua Owned by:
Milestone: Priority: normal
Component: Login & Authentication Keywords:


I think it's a kinda of security vulnerability, that WP.org doesnt use 2-factor authorization - while we login here, on wp.org, or while authenticating in SVN (like TortoiseSVN or etc.. when submiting plugin or theme).

So, if someone know plain text password, he can cause quite unexpected problems.
It mostly concerns to SNV access for plugins/users, that have thousands of customers.

Yes, there is email notificaiton when change happens on SVN, but it'll be good there was 2 factor auth while trying to login to SVN.

Change History (2)

#1 @ocean90
23 months ago

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #77.

#2 @SergeyBiryukov
23 months ago

  • Component changed from General to Login & Authentication
Note: See TracTickets for help on using tickets.