PyCon Pittsburgh. April 15-23, 2020.

Talk: Bringing Two Factor Authentication to PyPI

Presented by:

William Woodruff

Description

Since March, $speaker has worked with the PSF and PyPA to implement and land major security improvements in Warehouse, the codebase that drives PyPI. This talk will cover just one of those improvements: the addition of two factor authentication to user login. Attendees will learn about the technical details of two factor schemes, the security properties they can (and can not) provide, and the process for making major changes to core Python infrastructure. Attendees will take away knowledge about the Warehouse codebase, which 2FA schemes they should be using, and do’s and don’ts for good user experience with two-factor authentication.