Rollout for the GitHub mandatory two-factor authorization will be gradual
GitHub mandatory two-factor authorization has been announced earlier this week as the global software supply chain is forcing its users to use the security feature starting on March 13. GitHub will be enforcing more users later this year, but they first want to scale on a small number of accounts first. Before the end of 2023, GitHub 2FA will be required for all users.
2FA is a form of multi-factor authentication. It adds a layer of security to ensure that it is only you that is using your username and password to access your account. After inputting your login information from one device, a code is delivered to another device you own. From there you are able to authenticate your identity.
“If your account is selected for enrollment, you will be notified via email and see a banner on GitHub.com, asking you to enroll,” the company wrote in a blog post about the GitHub mandatory two-factor authorization. “You’ll have 45 days to configure 2FA on your account—before that date nothing will change about using GitHub except for the reminders.”
After this time, if users still haven’t activated the GitHub 2FA feature, they will be prevented from accessing all of the features of their account until 2FA has been set up. Nonetheless, GitHub will inform users of how much time is still remaining to avoid any unpleasantries.
The GitHub Mandatory two-factor authorization was first announced to the public last year in May and December 2022, citing the risk of hackers attacking the software supply chain. GitHub has also provided a guide on configuring 2FA and how to recover your account in the case a device is lost or stolen.