Making WordPress.org

Opened 20 months ago

Closed 20 months ago

Last modified 20 months ago

#3498 closed defect (duplicate)

Two-Factor authorization to SVN

Reported by: tazotodua Owned by:
Milestone: Priority: normal
Component: Login & Authentication Keywords:


I think it's a kinda of security vulnerability, that WP.org doesnt use 2-factor authorization - while we login here, on wp.org, or while authenticating in SVN (like TortoiseSVN or etc.. when submiting plugin or theme).

So, if someone know plain text password, he can cause quite unexpected problems.
It mostly concerns to SNV access for plugins/users, that have thousands of customers.

Yes, there is email notificaiton when change happens on SVN, but it'll be good there was 2 factor auth while trying to login to SVN.

Change History (2)

#1 @ocean90
20 months ago

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #77.

#2 @SergeyBiryukov
20 months ago

  • Component changed from General to Login & Authentication
Note: See TracTickets for help on using tickets.