The Gentoo GitHub organization was hacked due to a password being leaked. We will be requiring 2FA on July 6. If your account does not have 2FA configured by that time, you will no longer have the ability to merge pull requests or push to the NixOS organization.

Once you have enabled 2FA please check the box next to your account.

If you miss the July 6 deadline, we can reinstate your access after you enable 2FA -- contact us.

Reference documentation:

• https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
• https://help.github.com/articles/requiring-two-factor-authentication-in-your-organization/

Applications:

• Google Authenticator
• Authy
• Duo Security
• FreeOTP+ on F-Droid
• pass-otp
• gopass

Hardware

If you have a FIDO / U2F token, you can use it with GitHub:

  hardware.u2f.enable = true;

and either use Google Chrome, or firefox-devedition-bin (firefox stable doesn't yet support u2f totally.) If you use firefox, visit about:config, search for security.webauth.u2f, and toggle it to true for it to work.

Accounts to go

• @antono
• @astsmtl
• @bluescreen303
• @c0bw3b
• @civodul
• @cstrahan
• @edwtjo
• @errge
• @gridaphobe
• @lethalman
• @maggesi
• @mornfall
• @MP2E
• @obadz
• @Phreedom
• @qknight

Completed

• @7c6f434c
• @AndersonTorres
• @armijnhemel
• @aszlig
• @bendlas
• @bennofs
• @chaoflow
• @cpages
• @dezgeg
• @dtzWill
• @falsifian
• @FRidh
• @gebner
• @GrahamcOfBorg
• @matejc
• @matthewbauer
• @nckx
• @nlewo
• @ocharles
• @peterhoeg
• @peti
• @rickynils
• @svanderburg
• @ts468
• @viric
• @vrthra
• @amiddelk
• @aristidb
• @bjornfor
• @pikajude
• @rushmorem
• @ttuegel
• @vbgl

Accounts to remove

• @DamienCassou: not maintaining nixpkgs anymore
• @amiddelk: not maintaining nixpkgs anymore