GitHub.com today announced that as part of its platform-wide effort to secure the software ecosystem through improving account security, it will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023.
The best defense against this is moving beyond basic password-based authentication. We have already taken steps in this direction by deprecating basic authentication for git operations and our API and requiring email based device verification, in addition to a username and password. 2FA is a powerful next line of defense; however, despite demonstrated success, 2FA adoption across the software ecosystem remains low overall. Today, only approximately 16.5% of active GitHub users and 6.44% of npm users use one or more forms of 2FA.
– GitHub
For more, click here.
