395
GitHub to require 2FA on accounts by October 6, 2023 (github.blog)
submitted 10 months ago* (last edited 10 months ago) by Xylight@lemmy.xylight.dev to c/technology@lemmy.ml
125 comments fedilink hide all child comments

I personally am fine with this.

you are viewing a single comment's thread
view the rest of the comments
[-] doink@lemmy.world 39 points 10 months ago

While you are adding this anyway consider using an open source app instead of google auth like aegis. There are many others but I wish I knew about them sooner.

[-] dyc3@lemmy.world 7 points 10 months ago

I personally love keeweb. Passwords and 2fa all in one place.

I mean you could argue that defeats the purpose of having 2fa, but it's convenient

[-] technojamin@lemmy.world 6 points 10 months ago

It weakens it a bit, but in my opinion it still has strength where it counts. If an attacker gets access to your password outside your password manager (man-in-the-middle, keylogger, phishing), then you’re still protected. Maybe it’s hubris in my own ability to keep my password manager safe, but I’ve never been worried about storing MFA in my password manager.

[-] jackalope@lemmy.ml 4 points 10 months ago

Bitwarden is also good.

[-] Anon819450514@lemmy.ca 2 points 10 months ago* (last edited 10 months ago)

Bitwarden crew checking in. The best thing about bitwarden is the 10$/year to have a pro account. It gives you, amongst other things the ability to store up to 1tb of attachments and reports on various risk assessments.

You can even host your own instance.

I recommend it.

[-] UnverifiedAPK@lemmy.ml 1 points 10 months ago

You probably shouldn't be storing your passwords and 2FA in the same place.

[-] ArtVandelay@lemmy.world 2 points 10 months ago

Just moved my github MFA to aegis.

this post was submitted on 22 Aug 2023
395 points (98.5% liked)

Technology

33650 readers
32 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
MinutePhrase@lemmy.ml