githubanonymoustwo-factor-authentication

Has GitHub stopped requiring 2FA?


I saw that the two-factor authentication (2FA) block has disappeared, and I can’t find anywhere where it says that it is required. Were people in the GitHub community able to influence them?

I tried to find information, but I couldn't find it anywhere.


Solution

  • GitHub is continuing with its plans to enforce 2FA. As was mentioned in the comments, GitHub's documentation indicates that 2FA will be required for all accounts that contribute code. GitHub's blog post indicates that their intention is to secure accounts from takeover or compromise and improve security.

    Rollout is done by groups using some internal criteria, and thus not everybody will be required to enable it at once. This allows improvements with the process to be made as feedback comes in. Thus, if you're not seeing the banner, then it may be either that you don't contribute code (in which case you won't be affected) or the group that includes you has not rolled out yet. If you contribute code, you will likely be asked to enable 2FA eventually.

    If you're looking for a simple way to meet the requirement, there are TOTP (authenticator app) implementations for a variety of platforms, including many, many open source ones.