• pizzawithdirt@lemmy.worlddeleted by creator
    link
    fedilink
    English
    arrow-up
    5
    ·
    2 years ago

    I don’t have 2FA for my GitLab account since it’s only accesible via my GitHub account which has 2FA. Is this good or should I add 2FA to GitLab also?

    • Lmaydev@programming.devdeleted by creator
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      2 years ago

      If you have to use your GitHub 2fa to sign in that’s fine I would assume.

      • BirdsWithBeefyArms@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        2 years ago

        This isn’t necessarily true. If you are using an identity provider, you can still perform a password reset on GitLab and set a password there, bypassing your 2FA on GitHub. You usually shouldnt rely on IdP 2FA unless the destination system enforces IdP signin every time. There is a group setting in GitLab that does that, but it will only apply for that group.