Add user setting to have 2FA enabled by default for new packages


(Sindre Sorhus) #1

I want 2FA for all packages I publish and I don’t want to have to manually enable it each time I publish a new package. It’s also easy to forget to do it.

I propose you add a setting to the web account page that when enabled defaults new packages published by this user to have 2FA.

Note, this is about package-level 2FA and not the user-level 2FA already in the web account page.


(Maximilian Antoni) #2

It would also be great to have this setting for npm orgs! I’d love to enable 2FA for all packages in my company namespace.


(Kat Marchán) #3

See Force 2FA for all org members