Subj : GitHub reminds users to enable 2FA or lose account functionality
To   : All
From : TechnologyDaily
Date : Wed Dec 27 2023 13:00:06

GitHub reminds users to enable 2FA or lose account functionality

Date:
Wed, 27 Dec 2023 12:58:21 +0000

Description:
Over 18 months after first announcing enforcement, GitHub is now making 2FA 
mandatory for code contributors.

FULL STORY
======================================================================

GitHub has warned users that, if they havent already upgraded to two-factor 
authentication ( 2FA ) on their accounts, they would risk losing some 
functionality very soon. 

The warning came in the form of an email seen by Bleeping Computer , which 
warns contributors to upgrade their accounts security by mid-January 2024. 

Of course, this shouldnt be a surprise to GitHub users given that the 
mandatory security upgrade was announced in mid-2022, with several reminders 
over the following 18 months. GitHub will enforce 2FA 

In May 2022, GitHubs Chief Security Officer and SVP of Engineering, Mike 
Hanley, said that the platform would require all users who contribute code on 
GitHub.com to enable one or more forms of two-factor authentication (2FA) by 
the end of 2023. 

The deadline now appears to have been pushed back by nearly three weeks, but 
this could be a polite grace period provided by the Microsoft-owned platform, 
given that offices are likely to be shut over Christmas and the New Year. 

The email reads: GitHub users are now required to enable two-factor 
authentication as an additional security measure. Your activity on GitHub 
includes you in this requirement. You will need to enable two-factor 
authentication on your account before January 19, 2024, or be restricted from 
account actions. 

The mandate has already been in place for some account holders since March 
this year. Various 2FA methods can be chosen from, including SMS and TOTP 
authentication apps , as well as physical security keys. 

After the deadline, users will be prompted to set up 2FA before they can 
continue to use their accounts features. 

Moreover, users are being advised to set up more than one type to prevent 
account lock-out, though access can be recovered by dipping into a pot of 
recovery codes provided upon setup. More from TechRadar Pro Save your codes 
in the best password management apps Weve rounded up a list of the best 
identity theft protection Microsoft wants to take any MFA and 2FA worries out 
of your hands



======================================================================
Link to news story:
https://www.techradar.com/pro/security/github-reminds-users-to-enable-2fa-or-l
ose-account-functionality


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.