April 1, 2023

GitHub will begin its official rollout of 2FA for developers who contribute code on the platform, starting today, March 13th, 2023. 

Earlier in May last year, this roll out was planned. The requirement could help to better secure the accounts of over 100 million users, protecting them from software supply chain attacks and other threats levied at the platform. 

As per the GitHub statement – Over the course of the next year, we’ll be reaching out to groups of developers and administrators, starting with smaller groups on March 13, to notify them of their 2FA enrolment requirement, this gradual rollout will let us make sure developers are able to successfully onboard, and adjust as needed before we scale to larger groups as the year progresses.

Advertisements

Developers will be notified via email and have 45 days to configure 2FA on their accounts if selected. During this time, accounts can be kept as usual, except for occasional reminders. Users who are not selected in the early enrolment group but would like to set up 2FA can click here to enrol. 

GitHub added that it will support SMS text messages as a second factor, while testing FIDO Alliance passkeys internally to improve the security posture. While SMS is deemed less secure than other second factors in the security community, some experts still praised GitHub’s decision to keep it.

Tags:

Leave a Reply

You may have missed

Cylance Ransomware Dissection

Cylance Ransomware Dissection

April 1, 2023
WordPress Elementor Pro Plugin Vulnerability

WordPress Elementor Pro Plugin Vulnerability

April 1, 2023
QNAP Critical Sudo Vulnerability

QNAP Critical Sudo Vulnerability

March 31, 2023
AlienFox Malware Toolset -SwissArmy Knife

AlienFox Malware Toolset -SwissArmy Knife

March 31, 2023
3CX Application Malvertised

3CX Application Malvertised

March 31, 2023
Microsoft Azure Super FabriXss Bug

Microsoft Azure Super FabriXss Bug

March 31, 2023
%d bloggers like this: