npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

2FA Security badge

Let’s add a security badge to packages in the registry where all the calibrators have two-factor authentication is enabled. Optionally would be nice to show the number how many calibrators are there in total.

I believe it may improve security in general, since package owners will want to see such badge for their packages and it will force them to enable 2FA.

As a next step we may add a warning during package installation if a package was published without using 2FA.