Priority Group Detail Pages

Option 1.1

ID	I	A	R	Category	Guideline
1.1	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

MITRE References	Sources	HOW TO
CWE-308, M1032	OpenSSF SCM Best Practices, OpenSSF Best Practices Badge Gold Level [require_2FA]	GitHub Docs

ID	I	A	R	Category	Guideline
1.2	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

MITRE References	Sources	HOW TO
CWE-308, M1032	OpenSSF npm Best Practices	npm Docs

ID	I	A	R	Category	Guideline
1.3	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

MITRE References	Sources	HOW TO
CWE-308, M1032	CNCF CNSWP v1.0

Option 1.2

ID# 1.1

I	A	R	Category	Guideline
E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

MITRE References	Sources	HOW TO
CWE-308, M1032	OpenSSF SCM Best Practices, OpenSSF Best Practices Badge Gold Level [require_2FA]	GitHub Docs

ID# 1.2

ID	I	A	R	Category	Guideline
1.2	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

MITRE References	Sources	HOW TO
CWE-308, M1032	OpenSSF npm Best Practices	npm Docs

ID# 1.3

I	A	R	Category	Guideline
E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

MITRE References	Sources	HOW TO
CWE-308, M1032	CNCF CNSWP v1.0	TBD

Option 2.1

ID	I	A	R	Category	Guideline
1.1	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

MITRE References
CWE-308
M1032

Sources
OpenSSF SCM Best Practices
OpenSSF Best Practices Badge Gold Level [require_2FA]

HOW TOs
GitHub Docs

ID	I	A	R	Category	Guideline
1.2	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

MITRE References
CWE-308
M1032

Sources
OpenSSF npm Best Practices

HOW TOs
npm Docs

ID	I	A	R	Category	Guideline
1.3	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

MITRE References
CWE-308
M1032

Sources
CNCF CNSWP v1.0

HOW TOs
TBD

Option 2.2

ID# 1.1

I	A	R	Category	Guideline
E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

MITRE References
CWE-308
M1032

Sources
OpenSSF SCM Best Practices
OpenSSF Best Practices Badge Gold Level [require_2FA]

HOW TOs
GitHub Docs

ID# 1.2

ID	I	A	R	Category	Guideline
1.2	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

MITRE References
CWE-308
M1032

Sources
OpenSSF npm Best Practices

HOW TOs
npm Docs

ID# 1.3

I	A	R	Category	Guideline
E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

MITRE References
CWE-308
M1032

Sources
CNCF CNSWP v1.0

HOW TOs
TBD

Option 3.1

ID	I	A	R	Category	Guideline
1.1	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

MITRE References
- CWE-308
- M1032
Sources
- OpenSSF SCM Best Practices
- OpenSSF Best Practices Badge Gold Level [require_2FA]
HOW TO
- GitHub Docs

ID	I	A	R	Category	Guideline
1.2	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

MITRE References
- CWE-308
- M1032
Source
- OpenSSF npm Best Practices
HOW TO
- npm Docs

ID	I	A	R	Category	Guideline
1.3	E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

MITRE References
- CWE-308
- M1032
Source
- CNCF CNSWP v1.0
HOW TO
- TBD

Option 2.2

ID# 1.1

I	A	R	Category	Guideline
E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

MITRE References
- CWE-308
- M1032
Sources
- OpenSSF SCM Best Practices
- OpenSSF Best Practices Badge Gold Level [require_2FA]
HOW TO
- GitHub Docs

ID# 1.2

I	A	R	Category	Guideline
E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

MITRE References
- CWE-308
- M1032
Source
- OpenSSF npm Best Practices
HOW TO
- npm Docs

ID# 1.3

I	A	R	Category	Guideline
E	E	E	User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

MITRE References
- CWE-308
- M1032
Source
- CNCF CNSWP v1.0
HOW TO
- TBD

Option 3.1

ID	Category	Guideline
1.1	User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

Incubating	Active	Retired
Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Sources
- OpenSSF SCM Best Practices
- OpenSSF Best Practices Badge Gold Level [require_2FA]
HOW TO
- GitHub Docs

ID	Category	Guideline
1.2	User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

Incubating	Active	Retired
Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Source
- OpenSSF npm Best Practices
HOW TO
- npm Docs

ID	Category	Guideline
1.3	User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

Incubating	Active	Retired
Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Source
- CNCF CNSWP v1.0
HOW TO
- TBD

Option 3.2

ID# 1.1

Category	Guideline
User Authentication	Multi Factor Authentication (MFA) Enforced Across the Github Organization

Incubating	Active	Retired
Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Sources
- OpenSSF SCM Best Practices
- OpenSSF Best Practices Badge Gold Level [require_2FA]
HOW TO
- GitHub Docs

ID# 1.2

Category	Guideline
User Authentication	Multi Factor Authentication (MFA) Enforced Across the npm Organization

Incubating	Active	Retired
Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Source
- OpenSSF npm Best Practices
HOW TO
- npm Docs

ID# 1.3

Category	Guideline
User Authentication	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible

Incubating	Active	Retired
Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Source
- CNCF CNSWP v1.0
HOW TO
- TBD

Option 3.3

Priority Group 1

ID	Guideline	In	AL&I	Ar
UA:MFG	Multi Factor Authentication (MFA) Enforced Across the Github Organization	E	E	E
UA:MFN	Multi Factor Authentication (MFA) Enforced Across the npm Organization	E	E	E
UA:MFO	Multi Factor Authentication (MFA) Enforced in All Tools Wherever Techncially Feasible	E	E	E
UA:MFI	Use Multi Factor Authentication (MFA) Methods that Defend Against Impersonation when Available	E	E	E

Multi Factor Authentication (MFA) Enforced Across the Github Organization

ID	Category	Incubating	At Large & Impact	Archived
UA:MFG	User Authentication	Expected	Expected	Expected

Additional descriptive text here.

MITRE References
- CWE-308
- M1032
Sources
- OpenSSF SCM Best Practices
- OpenSSF Best Practices Badge Gold Level [require_2FA]
HOW TO
- GitHub Docs

Multi Factor Authentication (MFA) Enforced Across the npm Organization

ID	Category	Incubating	At Large & Impact	Archived
UA:MFN	User Authentication	Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Source
- OpenSSF npm Best Practices
HOW TO
- npm Docs

Multi Factor Authentication (MFA) Enforced in Other Tools Wherever Techncially Feasible

ID	Category	Incubating	At Large & Impact	Archived
UA:MFO	User Authentication	Expected	Expected	Expected

MITRE References
- CWE-308
- M1032
Source
- CNCF CNSWP v1.0
HOW TO
- TBD