Welcome to the MetaMetaMeta is a term that refers to the inside workings of a group. For us, this is the team that works on internal WordPress sites like WordCamp Central and Make WordPress. Team!
The Meta team is responsible for maintaining and managing WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ websites. Our work is mostly done on the meta trac. If you see a bug, file a ticket!
Two-Factor Auth available to test on WordPress.org
As promised in a previous post, 2FA for WordPress.orgWordPress.orgThe community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ accounts is now ready to test as an opt-in feature.
Note: this feature is for logging in to the WordPress.org web site itself; it does not affect your personal WordPress
If you’re familiar with 2FA and have an authenticator app such as Authy, Google Authenticator, or Keepass, then you can enable Two Factor auth on your account here:
Follow the Two-Factor Authentication link to get a QR code, and scan that using your preferred authenticator app.
Please make sure you save the Backup Codes! If you lose access to your authenticator app in the future you’ll need those to recover access to your WordPress.org account!
Questions
Is 2FA compulsory?
Not yet. In the near future we plan to begin requiring it for accounts with special access, core contributorsCore ContributorsCore contributors are those who have worked on a release of WordPress, by creating the functions or finding and patching bugs. These contributions are done through Trac. https://core.trac.wordpress.org., theme and pluginPluginA plugin is a piece of software containing a group of functions that can be added to a WordPress website. They can extend functionality or add new features to your WordPress websites. WordPress plugins are written in the PHP programming language and integrate seamlessly with WordPress. These can be free in the WordPress.org Plugin Directory https://wordpress.org/plugins/ or can be cost-based plugin from a third-party developers, and so on.
It will be optional for casual users’ accounts, subject to changes in best practices.
Does 2FA work with SubversionSVNApache Subversion (often abbreviated SVN, after its command name svn) is a software versioning and revision control system. Software developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS). WordPress core and the wordpress.org released code are all centrally managed through SVN. https://subversion.apache.org/.?
Not directly, since Subversion clients don’t support 2FA.
For WordPress coreCoreCore is the set of software required to run WordPress. The Core Development Team builds WordPress. releases, 2FA has been in use for many years in the form of SSHSSHSecure SHell - a protocol for securely connecting to a remote system in addition to or in place of a password. keys protecting the release system.
For plugin and theme authors, the release management system will require a second factor before code commits are published in downloadable zip files. We’re also investigating other ways of requiring 2FA for code commits.
Does it support hardware keys/WebAuthn?
We do support hardware keys and other WebAuthn supported factors thanks to the WebAuthn Provider for Two Factor plugin. For now they must be configured through a wp.org admin interface via wp-admin/profile.php and we are working on adding a more user friendly interface (see issues #193 and #194). If you want to configure WebAuthn, log into one of the WordPress.org sites (wordpress.org, make.wordpress.org/*, etc), navigate Users -> Profile, scroll to the bottom of the page.
Can I use 2FA on my own WordPress site?
We’re using the Two Factor community plugin along with some customizations. Two Factor is open sourceOpen SourceOpen Source denotes software for which the original source code is made freely available and may be redistributed and modified. Open Source **must be** delivered via a licensing model, see GPL. and available for anyone to use right now. It’s completely free and stand-alone.