By Jonathan Greig | August 18, 2021 -- 12:10 GMT (05:10 PDT) | Topic: Security
GitHub is urging its base of users to enable two-factor authentication as the platform shakes up how it protects accounts from compromise.
Everyone needs a password manager. It's the only way to maintain unique, hard-to-guess credentials for every secure site you and your team access daily.
In a blog post this week, Github's Mike Hanley explained that beginning on August 13, GitHub stopped accepting account passwords when authenticating Git operations. The platform now requires people to use stronger authentication factors like personal access tokens, SSH keys, or OAuth or GitHub App installation tokens for all authenticated Git operations on GitHub.com.
Hanley added that in addition to ditching passwords, GitHub has taken other measures like investing in verified devices, preventing the use of compromised passwords, supporting WebAuthn and more. GitHub announced the move in December.