From: Eric Wong <normalperson@...>
Date: 2021-10-30T20:32:13+00:00
Subject: [ruby-core:105878] Re: [ANN] Multi-factor Authentication of bugs.ruby-lang.org

SHIBATA Hiroshi <hsbt@ruby-lang.org> wrote:
> Hello,
> 
> A few days ago, I did upgrade bugs.ruby-lang.org to Redmine 4.2.
> Redmine 4.2 provide the Multi-factor Authentication for protect the
> user account.

(I missed this earlier since I don't use Ruby, much, nowadays)

I'm using w3m browser and I can't seem to get the plain text code
entered properly.  No JS/graphics, so I can't view the QR code img,
of course.

I write daemons and command-line tools.  Nothing I've ever done
in Ruby has ever required working graphics, so it's completely
unreasonable to expect Ruby contributors have working graphics.
Graphics stacks are extremely complex and fragile, so support
for old hardware often gets broken and too expensive to maintain.

> I enabled it and change the default settings of MFA today.
> So, the users need to setup it mandatory for protecting your account.

This is needless barrier to entry; AFAIK I've never had special
privileges to modify things in Redmine, even.   I might check out
https://rubygems.org/gems/authentic as mentioned elsewhere,
but I'd also have to review it and every dependency it uses
before using it...

Thanks.

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>