Authentication of IT Professionals in the Wild – A Survey

he role of user authentication in software repositories can significantly impact those using open-source projects as a basis for their products. In addition to highlighting the importance of authentication in software supply chain security, we surveyed open-source developers to identify if these IT professionals take advantage of more secure authentication methods in open-source projects to mitigate common risks. We present results from a survey of 83 employees of an open-source software company. We found that these users mostly use two-factor authentication and perceive username and password as the most usable method. Regarding security, hardware and software tokens were perceived as the most secure methods. Using a third-party service for fallback authentication emerged as a non-preferred solution.