How is everyone handling the 2FA requirement for GitHub? (docs.github.com)

submitted 5 months ago* (last edited 5 months ago) by StorageB@lemmy.one to c/opensource@lemmy.ml

126 comments fedilink hide all child comments

Just wondering what people are using to meet the 2FA requirement GitHub has been rolling out. I don't love the idea of having an authenticator app installed on my phone just to log into GitHub. And really don't want to give them my phone number just to log in.

Last year, we announced our commitment to require all developers who contribute code on GitHub.com to enable two-factor authentication (2FA)...

you are viewing a single comment's thread
view the rest of the comments

[-] delirious_owl@discuss.online 4 points 5 months ago* (last edited 5 months ago)

Not if the org uses SMS auth as a recover method for your "lost" password

Also putting a phone number into a DB means the attackers who dump the DB now have a very effective way to phish or exploit you with a large attack surface.

I generally don't let my team enter phone numbers into their account data.

this post was submitted on 05 Jun 2024

50 points (79.1% liked)

Open Source

31223 readers

280 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

Cloak@lemmy.ml

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml