GitHub users should activate two-factor authentication (2FA) soon. In fact, as of Jan. 19, 2024, it will be mandatory. Otherwise, they will lose a lot of functionality, the developer platform reports.
That’s according to emails to users. If they are not using 2FA by then, the functionality of the code platform will be significantly limited for this group. In mid-2022, the developer platform announced that this security measure would be implemented. Recently, the platform sent an email to users not yet using this security method, urging them to implement it as soon as possible.
After the deadline, previously configured Personal Access tokens, SSH keys, and apps will continue to work. However, when users want to create new tokens or change account settings, they must enable 2FA for the affected account.
Two forms of 2FA very useful
GitHub offers different types of 2FA depending on the needs of end users, including security keys, GitHub Mobile, authentication apps (TOTP) and text messages. It is recommended to use a combination of two of these methods.
According to GitHub, the latter approach, in particular, is very useful when users may lose their 2FA credentials. The developer platform indicates that they may be unable to restore the account with 2FA security, leaving users dependent on recovery codes.