GitHub now requiring 2FA for all contributors,what authenticator apps you using?
Comments
uyzstvqs
jjgreen
That's been pending for a while, I'll just stop contributing code.
nextos
You don't need an app if you don't want one.
In a CLI, oath lets you calculate a TOTP.
But it's maybe a bit more insecure if you use the same machine.
codazoda
Why? You’re against 2FA? You couldn’t contribute without an account before, could you?
jjgreen
I'd had a GH account for ages under my own name, I closed that as soon as Microsoft took it over, moved all my repos to GitLab, good move. I opened a new GH account under a silly name [1] so I could collaborate with people still on it. Now I'm not really against 2FA, but don't use it myself, it adds friction, adds risk (what if you lose it), it seems too "theatrical" for my liking. You want to use 2FA? be my guest, live and let live etc. What I don't like is being told what to do with my account, particularly by someone like MicroSlop. I won't add 2FA to my GH account, so I'll not contribute any code to GH based projects, ho hum. As I understand it, I'll still be able to raise issues without 2FA, fine, and when 2FA becomes mandatory for that, I'll stop doing that too.
jc-myths
Google auth, first and the only 2FA authenticator I ever used.
aerzen
Because some auth provider recommended it as the only app to use. While it is a good app, it does backup into Drive.
codazoda
Authy but I’m considering moving to Apple Passwords so it’s all together.
ecesena
Same. To add some details, I used Authy because at the time it was the only app that would just work after upgrading my iphone. I never enabled their cloud mode, so only local 2FA codes.
pickle-wizard
I use a passkey that is in iCloud Keychain.
threecheese
Using GitHub MFA via the app on my iPhone.
nickcageinacage
yea. I'm pretty sure they want separate authenticator app or browser extension
paulG12
So now I need my damn phone to push something. Great. What's next, my national ID?
nickcageinacage
lmao welp. that is the path other apps are going so i wouldnt be surprised
riidom
on phone: 2FA Manager from OpenStore on UBports phone
on work laptop: 1PW
cyberclimb
Checkout Ente Auth
stalfosknight
iCloud Keychain
mindwork
I still use Authy tbh
bjourne
Microsoft showing 2FA down everyone's throat is quite painful. I don't for a second believe they are only using my phone number for authentication. They are storing the data and they are correlating it with other apps they force 2FA on.
stephenr
So don't give them your phone number.
Arguing against 2FA is like arguing that they shouldn't bash your password because it means you can't see your password to help remember it.
nashashmi
Totp.app
Aegis (local) https://github.com/beemdevelopment/aegis
Bitwarden Authenticator (local) https://bitwarden.com/products/authenticator/
Ente (encrypted cloud backup) https://ente.com/auth/