• Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
What's Hot

The Naked Gun review: Charged with man’s laughter

July 30, 2025

Samsung Galaxy Tab S10 FE+ review: A Galaxy Tab S10+ for less?

July 30, 2025

Fairphone (Gen 6) review: Sustainability done the right way

July 29, 2025
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
Behind The ScreenBehind The Screen
Home»Security»NPM users can now connect a Twitter account as a recovery method
Security

NPM users can now connect a Twitter account as a recovery method

July 26, 2022No Comments3 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
NPM users can now connect a Twitter account as a recovery method
Share
Facebook Twitter LinkedIn Pinterest Email

Builders who use NPM, the favored JavaScript package deal supervisor, will now have the ability to join their Twitter and GitHub accounts to the software program as a restoration technique.

The transfer was introduced Tuesday together with a handful of different options meant to mix enhanced safety with usability for the GitHub-owned package deal supervisor.

In a blog post, GitHub mentioned that the modifications would make it simpler for customers to safe their accounts, whereas additionally streamlining some security measures that customers had discovered burdensome.

“The JavaScript neighborhood downloads over 5 billion packages from npm a day, and we at GitHub acknowledge how vital it’s that builders can achieve this with confidence,” wrote GitHub product managers Myles Borins and Monish Mohan. “As stewards of the npm registry, it’s vital that we proceed to put money into enhancements that improve developer belief and the general safety of the registry itself.”

GitHub and Twitter accounts can now be used as restoration choices for NPM.
Picture: GitHub/NPM

Apart from the power to attach Twitter and GitHub accounts as an authentication technique, GitHub additionally introduced that the usage of two-factor authentication (2FA) for login and package deal publishing on NPM can be made simpler.

Per the weblog publish, NPM had beforehand trialed the use of enhanced 2FA logins in a public beta launch, however after suggestions from the neighborhood, determined that sure options needs to be tweaked in an effort to be extra user-friendly. This included including a “keep in mind me for five minutes” choice in order that customers who efficiently authenticated might disable 2FA prompts for a brief time frame.

“Account safety is considerably improved by adopting 2FA, but when the expertise provides an excessive amount of friction, we will’t anticipate prospects to undertake it,” Borins and Mohan wrote. “Early adopters of our new 2FA expertise shared suggestions across the technique of logging in and publishing with the npm CLI, and we acknowledged there was room for enchancment.”

The improved security measures are being made out there in NPM 8.15.0, launched July twenty sixth, the publish mentioned.

As a core a part of the open-source software program ecosystem for the JavaScript programming language, NPM has been focused by a lot of malicious actors through the years. One of many primary methods has been for attackers to take management of packages by purchasing expired domains registered to package publishers and utilizing these to arrange electronic mail accounts that can be utilized to obtain password reset emails for the package deal. In mild of this, rising the usage of 2FA when logging into NPM accounts stands to create huge safety enhancements.

NPM’s dad or mum firm, GitHub, can also be working to enhance safety on the bigger code-hosting platform: earlier this yr, the corporate introduced that every one customers who contribute code would want to have some type of 2FA enabled by the top of 2023.

Source link

See also  The US government got caught using sock puppets to spread propaganda on social media
account Connect Method NPM recovery Twitter Users
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Stuck in the Past? This Many iPhone Users Haven’t Upgraded to iOS 18

June 7, 2025

Are European iPhone Users About to Start Losing Features?

June 3, 2025

10 iPhone Features That Users Find Annoying

May 26, 2025

Huawei Watch Fit 4 Pro review: An Apple Watch Ultra for Android users

May 26, 2025
Add A Comment

Comments are closed.

Editors Picks

Seattle blockchain VC firm Bloccelerate raising its second fund – Startup

September 19, 2022

Apple Sports Adds League Standings and News

May 21, 2025

It’s Not Apple’s Yet | NFL Still Deciding Which Streamer Will Get ‘Sunday Ticket’

June 26, 2022

The shady Imperials are coming to Dune: Spice Wars this summer as its next playable faction

July 6, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

The Naked Gun review: Charged with man’s laughter

Samsung Galaxy Tab S10 FE+ review: A Galaxy Tab S10+ for less?

Fairphone (Gen 6) review: Sustainability done the right way

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.fr - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.