
Sonatype shines light on typosquatting ransomware threat in PyPI

that one in the corner Silver badge

2FA helps ensure your package

is under your control and still *is* your package, but how does it help with typosquatting?

Unless, perhaps, each "critical" package also has packages with all the close-match typos auto-generated (these containing whatever is the equivalent of "this package deliberately left blank") and also put under your 2FA? Wild guess, that isn't happening..
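A consumer-side check for the typosquatting problem raised in the comment above, as an added example that is not part of the original comment: flag dependency names that sit within one edit of a package you actually rely on. The `CRITICAL` allow-list, the sample requirements text and all function names are constructed assumptions.

```python
import re

# Constructed allow-list of packages this project really depends on (assumption).
CRITICAL = {"requests", "numpy", "python-dateutil"}

# Constructed requirements.txt content used as sample input.
SAMPLE = """\
requests==2.31.0
reqeusts>=2.0
nunpy
Python_Dateutil
pythondateutil
flask
"""

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def parse_requirements(text):
    """Extract bare project names, skipping comments and pip options."""
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line and not line.startswith("-"):
            names.append(re.split(r"[<>=!~;\[ ]", line, maxsplit=1)[0])
    return names

def near_misses(dependencies, critical=CRITICAL, max_distance=1):
    """Return (dependency, lookalike_of, distance) for close-but-not-equal names."""
    known = sorted(normalize(c) for c in critical)
    return [(dep, c, d) for dep in dependencies
            if normalize(dep) not in known
            for c in known
            if (d := osa_distance(normalize(dep), c)) <= max_distance]
```

Calling `near_misses(parse_requirements(SAMPLE))` reports the three lookalike names and leaves `Python_Dateutil` alone, because PEP 503 normalization maps it to the same project as `python-dateutil`.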
