Enhanced Two-Factor Authentication (2FA) experience is now Generally Available. Previously, we had announced a set of improvements in our public beta. Further to this we have made the following new changes to streamline the CLI login experience.

  • As of npm 8.15.0 Login and Publish authentication from CLI can now be managed by the browser with the --auth-type=web flag.
  • Login can use an existing web session, only prompting for your second factor or email verification OTP to create a new CLI session.
  • Publish now supports “remember me for 5 minutes” and allows for subsequent publishes from the same IP + access token to avoid the 2FA prompt for a 5-minute period.
  • You can now use 2FA for re-verification requests while performing high privilege operations on npmjs.com.

Read more about two-factor authentication
from our documentation.