3 strategies to expand your threat model and secure your supply chain
How to get the security basics right at your organization.
Tag
2FA
Passkeys are generally available
All GitHub.com users can now register a passkey to sign in without a password.
Introducing passwordless authentication on GitHub.com
Passkeys are now available in public beta. Opting in lets you upgrade security keys to passkeys, and use those in place of both your password and your 2FA method.
Raising the bar for software security: GitHub 2FA begins March 13
On March 13, we will officially begin rolling out our initiative to require all developers who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Read on to learn about what the process entails and how you can help secure the software supply chain with 2FA.
Raising the bar for software security: next steps for GitHub.com 2FA
GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Learn more about our approach, when we’ll begin our rollout, and what you can expect as we begin requiring 2FA.
Software security starts with the developer: Securing developer accounts with 2FA
GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023.
Top-100 npm package maintainers now require 2FA, and additional security-focused improvements to npm
Starting today, we are rolling out mandatory 2FA to all maintainers of top-100 npm packages by dependents.
Secure your GitHub account with GitHub Mobile 2FA
GitHub continues to improve account security and developer experience with a new 2FA mechanism in GitHub Mobile on iOS and Android.
Enrolling all npm publishers in enhanced login verification and next steps for two-factor authentication enforcement
Today we're introducing enhanced login verification to the npm registry, and we will begin a staged rollout to maintainers beginning Dec 7.
GitHub’s commitment to npm ecosystem security
We're sharing details of recent incidents on the npm registry, our investigations, and how we’re continuing to invest in the security of npm.
Securing your GitHub account with two-factor authentication
The benefits of multifactor authentication are widely documented, and there are a number of options for using 2FA on GitHub.