GitHub will begin its official rollout of two-factor authentication for developers who contribute code on the platform, starting March 13. GitHub added that it will support SMS text messages as a second factor, while testing FIDO Alliance passkeys internally to improve the security posture. “It is true that SMS 2FA can be easily phished by hackers as it relies on knowledge-based credentials. But GitHub recognizes these risks and strongly recommends using security keys and TOTPS wherever possible for greater security – [and] will continue to offer SMS for 2FA – which is better than removing the option entirely,” said Andrew Shikiar, executive director of the FIDO Alliance.


More

SC Magazine: How passkeys pave the way for passwordless authentication

Fast Identity Online (FIDO) outlines secure authentication protocols that are available to all. Now, Microsoft,…

Read More →

Mac4ever: Apple starts promoting Passkeys

At WWDC 2022, Apple briefly mentioned the Passkeys feature, which will allow passwords to be…

Read More →

Frandroid: Apple is preparing the future of the password and it will work even on Windows

At WWDC 2022, Apple introduced us to the Passkeys feature, which will eliminate the need…

Read More →


Subscribe to the FIDO newsletter

Stay Connected, Stay Engaged

Receive the latest news, events, research and implementation guidance from the FIDO Alliance. Learn about digital identity and fast, phishing-resistant authentication with passkeys.