Launchpad 2FA is currently opt-in for everyone. However, it has been
mandatory for Canonical employees for a number of years now. Details are
TOTP and HOTP are supported, so this works with hardware authenticators
such as Yubikeys as well as smartphone apps like OTP Authenticator (from
F-Droid) and Google Authenticator (Play Store), etc.
We think this is now easy enough and standard enough not to be a
burden, so we are inclined to implement this as a requirement for all
Ubuntu uploaders. Any objections?
 "We" means the TB and the DMB
 By "Ubuntu uploaders" I mean anyone who can upload to the Ubuntu
archive, which I think means all members of ~ubuntu-uploaders whether
directly or indirectly.