Security News > 2022 > May > GitHub to require two factor authentication for code contributors by late 2023

GitHub to require two factor authentication for code contributors by late 2023
2022-05-05 04:01

GitHub has announced that it will require two factor authentication for users who contribute code on its service.

"The software supply chain starts with the developer," wrote GitHub chief security officer Mike Hanley on the company blog.

GitHub already offers 2FA, requires contributors of popular packages to employ it, and states that 16.5 per cent of active users already employ the technique.

Why the rest have until sometime in 2023 to adopt 2FA isn't explained in Hanley's post, beyond his assertion that "GitHub is committed to making sure that strong account security doesn't come at the expense of a great experience for developers, and our end of 2023 target gives us the opportunity to optimize for this."

The post also states that GitHub will "Actively explore new ways of securely authenticating users" and add more ways to recover accounts.

Hanley's post states that details of GitHub's 2FA implementation will emerge in "Coming months".


News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/05/github_2fa_mandatory_2023/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Github 10 2 30 29 14 75