Free and Open Source Software

17501 readers

339 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

[email protected]

GitHub 2FA enrollment (feddit.de)

submitted 10 months ago by [email protected] to c/[email protected]

18 comments fedilink hide all child comments

I just received an email from Github that they are now ofically begin to require users who contribute code need to have 2FA enabled.

Why isn't password + email already sufficient? Why do I need to use a third FA to satisfy their requirements? Is it reasonable to feel stumped or angry about it?

Would like to hear your thoughts about this.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 27 points 10 months ago (1 children)

It's 2023, we are almost already at Passkeys and you skipped TOTP (basically that "Google Authenticator" does) as 2FA?
anyway there are a lot of open source TOTP apps available to choose from like Aegis or if you want to sync it something like Bitwarden (Premium or Vaultwarden)
desktop apps also exist but that would defeat the point probably

stay away from proprietary apps and do backups of these TOTP secrets or you'll absolute will lock you out if you loose your phone somehow

[–] [email protected] 1 points 10 months ago

I have some TOTPs for other accounts but used googles authenticator app for that as it wasn't important to me.

Thank you very much for the Aegis recommendation, the transfer was easy and quick as well.

And yeah using a desktop app would remove the "What I have" factor :)