Skip to content

Preferred 2FA methods and settings improvements

The Primary field on two-factor authentication methods has been removed, and replaced with a Preferred option. This new option sets your preferred 2FA method for account login and use of the sudo prompt. You can choose between TOTP, SMS, security keys, or GitHub Mobile as your preferred 2FA method.

Additionally, you can now update your 2FA methods inline at, rather than going through the initial 2FA setup flow again.


With this change, device-specific preferences for 2FA have been removed – each login will always default to your preferred method. If you previously set a default on one of your devices, your most recent choice has been copied to your account-wide preference. Otherwise, no preference will be set, and GitHub will select from your available second factors in this order: security keys, GitHub Mobile, TOTP, and then SMS.

To learn more, see "Changing your preferred two-factor authentication method" and "Configuring two-factor authentication".

To ensure the security of our infrastructure, on Tuesday, February 28th, 2023 GitHub Pages sites that contain symbolic links will no longer build outside of GitHub Actions.

The majority of Pages sites will not be affected by this change since building with GitHub Actions is the default. If any of your Pages sites is affected, you will receive a build failure email with instructions how to fix the error on your next build.

See more