GitHub will begin its official rollout of two-factor authentication for developers who contribute code on the platform, starting March 13. GitHub added that it will support SMS text messages as a second factor, while testing FIDO Alliance passkeys internally to improve the security posture. “It is true that SMS 2FA can be easily phished by hackers as it relies on knowledge-based credentials. But GitHub recognizes these risks and strongly recommends using security keys and TOTPS wherever possible for greater security – [and] will continue to offer SMS for 2FA – which is better than removing the option entirely,” said Andrew Shikiar, executive director of the FIDO Alliance.


More

TechRadar: Passwords out, passkeys in: The future of secure authentication

Since the inception of the internet, passwords have been the primary authentication factor to gain access to…

Read More →

MobileIDWorld: Research Reveals Security Implications of FIDO2 and Synced Passkeys

Recent academic research has revealed new insights into the security considerations surrounding FIDO2 authentication and…

Read More →

ZDNet: What are passkeys? How going passwordless can simplify your life in 2025

You probably have a lot of passwords in your life. Even with the help of password…

Read More →