What Johnny thinks about using two-factor authentication on GitHub: A survey among open-source developers

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F24%3A00136602" target="_blank" >RIV/00216224:14330/24:00136602 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1145/3664476.3670885" target="_blank" >http://dx.doi.org/10.1145/3664476.3670885</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3664476.3670885" target="_blank" >10.1145/3664476.3670885</a>

Jazyk výsledku

angličtina

Název v původním jazyce

What Johnny thinks about using two-factor authentication on GitHub: A survey among open-source developers

Popis výsledku v původním jazyce

Several security issues in open-source projects demonstrate that developer accounts get misused or stolen if weak authentication is used. Many services have started to enforce second-factor authentication (2FA) for their users. This is also the case for GitHub, the largest open-source development platform. We surveyed 110 open-source developers using GitHub to explore how they perceive the importance of authentication on GitHub. Our participants perceived secure authentication as important as other security mechanisms (e.g., commit signing) to improve open-source security. 2FA usage of the project owner was perceived as one of the most important mechanisms. Around half of the participants (51%) were aware of the planned 2FA enforcement on GitHub. Their perception of this enforcement was rather positive. They agreed to enforce 2FA for new devices and new locations, but they were slightly hesitant to use it after some time. They also rather agreed to enforce various user groups on GitHub to use 2FA. Our participants also perceived GitHub authentication methods positively with respect to their usability and security. Most of our participants (68%) reported that they had enabled 2FA on their GitHub accounts.

Název v anglickém jazyce

What Johnny thinks about using two-factor authentication on GitHub: A survey among open-source developers

Popis výsledku anglicky

Several security issues in open-source projects demonstrate that developer accounts get misused or stolen if weak authentication is used. Many services have started to enforce second-factor authentication (2FA) for their users. This is also the case for GitHub, the largest open-source development platform. We surveyed 110 open-source developers using GitHub to explore how they perceive the importance of authentication on GitHub. Our participants perceived secure authentication as important as other security mechanisms (e.g., commit signing) to improve open-source security. 2FA usage of the project owner was perceived as one of the most important mechanisms. Around half of the participants (51%) were aware of the planned 2FA enforcement on GitHub. Their perception of this enforcement was rather positive. They agreed to enforce 2FA for new devices and new locations, but they were slightly hesitant to use it after some time. They also rather agreed to enforce various user groups on GitHub to use 2FA. Our participants also perceived GitHub authentication methods positively with respect to their usability and security. Most of our participants (68%) reported that they had enabled 2FA on their GitHub accounts.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 21st International Workshop on Trust, Privacy and Security in the Digital Society

ISBN

9798400717185

ISSN

—

e-ISSN

—

Počet stran výsledku

11

Strana od-do

1-11

Název nakladatele

Association for Computing Machinery

Místo vydání

Vídeň, Rakousko

Místo konání akce

Vídeň, Rakousko

Datum konání akce

1. 1. 2024

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

001283894700134