Change of policy on GitLab account creation/login?

Erik Huelsmann ehuels at gmail.com
Sun Oct 7 12:54:08 UTC 2018


Hi all,

Almost 4 years have passed since the initial installation of GitLab on
common-lisp.net.
During that period, GitLab (the open source project) has seen tremendous
growth both in user community and functionality. Our own GitLab instance
has grown quite a bit as well. With almost 700 projects and nearly 500
users, it's quite a bit bigger now than the initial CVS migration which
resulted in 379 projects and 395 users. (We did both the Git and Darcs
migrations after that, which added to the growth.)

Originally, we decided we wanted to create our own accounts and not support
account-auto-creation (based on experience shared by GitLab.com). Today,
GitLab lets itself be configured to auto-create accounts from GitHub using
GitHub credentials.
We have long supported the possibility of allowing accounts to be tied to
Google and GitHub OAuth2 for the purpose of authentication. Additionally,
we support 2FA these days.
I'm wondering if we can be a bit more relaxed with account creation
(allowing auto-creation), but be a bit more strict on account login: i.e.
require 2FA.

Do you have any opinion on the matter?


-- 
Bye,

Erik.

http://efficito.com -- Hosted accounting and ERP.
Robust and Flexible. No vendor lock-in.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.common-lisp.net/pipermail/clo-devel/attachments/20181007/c58f8145/attachment.html>


More information about the clo-devel mailing list