GitHub requiring 2FA for developers to tightens security

Maourice Gonzalez


For those of us building financial or commerce focused applications multi factor or 2FA authentication is a way of life, however many platforms all over the web still left it up to users to be security conscious. All of that seems to be coming to an end over at GitHub. Microsoft announced changes to existing authentication rules which will require 2FA for developers as part of “part of a platform-wide effort to secure the software ecosystem through improving account security.” This is very good news.

GitHub’s Chief Security Officer (CSO), Mike Hanley, has stated that by the end of 2023, developers contributing code to the platform will be required to enable at least one type of 2FA.

At the present less than 20% of GitHub users have some sort of 2FA enabled. There could be a number of factors for such low adoption but in any case GitHub is committed to giving users more choices for secure authentication and account recovery before the 2023 deadline. You can read more about the upcoming changes in the official blog post form Mike Hanley at GitHub.

What do you think about these changes? Are you happy these extra security measures are being put in place? Let us know in the comments below.