Raising the bar for software security: GitHub 2FA begins March 13
github.blog
On March 13, we will officially begin rolling out our initiative to require all developers who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Read on to learn about what the process entails and how you can help secure the software supply chain with 2FA.

I personally am fine with this.

  • Doink@lemmy.world
    401·
    1 year ago

    While you are adding this anyway consider using an open source app instead of google auth like aegis. There are many others but I wish I knew about them sooner.

    • dyc3@lemmy.world
      7·
      1 year ago

      I personally love keeweb. Passwords and 2fa all in one place.

      I mean you could argue that defeats the purpose of having 2fa, but it’s convenient

      • technojamin@lemmy.world
        6·
        1 year ago

        It weakens it a bit, but in my opinion it still has strength where it counts. If an attacker gets access to your password outside your password manager (man-in-the-middle, keylogger, phishing), then you’re still protected. Maybe it’s hubris in my own ability to keep my password manager safe, but I’ve never been worried about storing MFA in my password manager.

      • Anon819450514@lemmy.ca
        2·
        1 year ago

        Bitwarden crew checking in. The best thing about bitwarden is the 10$/year to have a pro account. It gives you, amongst other things the ability to store up to 1tb of attachments and reports on various risk assessments.

        You can even host your own instance.

        I recommend it.