PyPI enforces two-factor authentication for logins to strengthen platform security

Python third-party package repository PyPI (Python Package Index) announced that starting from May this year, in order to enhance the security of the platform, all projects or organizations maintained on PyPI must enable two-factor authentication

Currently this mandatory requirement has taken effect, and all software publishers need to enable this login verification, otherwise they will not be able to log in to the platform account.

However, for those users who just want to browse the PyPI website, download and install software packages, there is no need to register an additional PyPI account, so this "account two-factor authentication" requirement will have no impact on these users

▲ Picture source Python Package Index website

If you try to perform related management using a new account that does not enable two-factor authentication on the PyPI platform operation, the system will reject your request and forcefully redirect you to the "two-factor authentication" page

According to reports, the PyPI platform was subpoenaed by the U.S. Department of Justice at the beginning of this year due to the influence of malicious users and projects. Therefore, We had to temporarily close the new user registration and new project upload functions

The PyPI team once said: "Forcing all accounts to enable two-factor authentication is an important measure in our long-term commitment to improving platform security. By using' Two-factor authentication' can effectively prevent the leakage of user login credentials and related APIs, thereby reducing the amount of malware on the platform."

Articles on this site contain external jump links, aiming to deliver more information and save selection Time, results are for reference only

The above is the detailed content of PyPI enforces two-factor authentication for logins to strengthen platform security. For more information, please follow other related articles on the PHP Chinese website!