Industry Trends

Github Adds 2FA

By Richard Henderson | September 03, 2013

Popular software development hosting site GitHub announced today that they have added support for two-factor authentication.

As we've said in the past, two-factor authentication is a fantastic way for users to add another layer of protection to their various online accounts... if you're using a service that provides it, you should take advantage of it. By implementing two-factor authentication whenever you can, you make it much more difficult for attackers and malware developers to compromise your digital lives. git hub _

Image courtesy of [Ben Scholzen](

_ One interesting bit of info with Github's introduction is that they are providing more than basic SMS-based two-factor authentication: they also support applications that provide a TOTP-based token.

TOTP is a time-based token that calculates your one-time password based on time. This means you can use applications like Google's Authenticator app (available for Android, iOS and Blackberry 10), Duo Mobile and Windows 7 Phone's Authenticator.

Fortinet's FortiToken Mobile application for both Android and iOS can also be used as a third-party TOTP soft token (for services such as GitHub, Dropbox and Google), and is free to use.

Wikipedia's article on TOTP goes into good detail on how it works.

Join the Discussion