UbuntuOne/Launchpad two-factor authentication

Jeremy Stanley fungi at yuggoth.org
Mon Nov 22 20:15:05 UTC 2021

For a little over a year Ian, Clark and I have been using the
multi-factor authentication feature of UbuntuOne SSO (i.e.
Launchpad) in order to more strongly secure the accounts we rely on
for OpenID logins to the Web interfaces of our services like Gerrit
and StoryBoard. It's gone smoothly, I think, and so we're probably
overdue on our plan to offer this capability to other OpenDev users.

Support for this is not enabled by default, your SSO account needs
to be a member of a group which is granted the feature. We have one
such group authorized for this purpose, which can be found here:


Please see the information and important caveats documented in the
group description. I expect the process would be something like
using the LP group members page to request membership for your
account, and then one of the group administrators would approve the
request, after which you would be able to proceed with configuration
of your token or other HOTP/TOTP authenticator.

I'm bringing it up here first for discussion, in order to see if
anyone has any concerns or related suggestions, but barring none
I'd like to move forward with a "soft" (quiet) call for wider
testing the first week of December.
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.opendev.org/pipermail/service-discuss/attachments/20211122/0f491606/attachment.sig>

More information about the service-discuss mailing list