This article was published on October 1, 2015

GitHub accounts can now be protected with universal second factor authentication


GitHub accounts can now be protected with universal second factor authentication

GitHub’s authentication system has been expanded, and will now support FIDO universal second factor (U2F) protocol, which asks for a second piece of hardware to authenticate a session.

The most notable attack U2F thwarts is the popular man-in-the-middle hack, where information in intercepted and used to access a system or file.

To take advantage of U2F, GitHub users will need to purchase a hardware key. While U2F doesn’t require one particular vendor, GitHub is partnering with Yubico — inventor of the popular YubiKey and co-creator of U2F — to offer discounts to GitHub users via a special offer page.

The first 5,000 special edition U2F keys will be sold for $5 each (normally $18). After those are sold through, GitHub users will still qualify for a 20 percent discount on YubiKeys for a limited time, which also applies to students who are eligible for GitHub’s Student Developer Pack.

If you work on a team or have sensitive information in your GitHub repos, U2F may be the best way to protect your code.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with