GitHub now requiring 2FA for all contributors,what authenticator apps you using?

GitHub is rolling out mandatory 2FA for accounts that contribute code, with a 45-day window to enroll.

Aegis, Raivo, or Ente are the ones that have most promise from what I've read. Any other recommendations? or thoughts on those three in particular.

TY

10 points | by nickcageinacage 18 hours ago

13 comments

  • uyzstvqs 17 hours ago
    Aegis (local) https://github.com/beemdevelopment/aegis

    Bitwarden Authenticator (local) https://bitwarden.com/products/authenticator/

    Ente (encrypted cloud backup) https://ente.com/auth/

  • thegoldenman 8 hours ago
    https://apps.apple.com/au/app/2fa-authenticator-2fas/id12177...
  • jjgreen 17 hours ago
    That's been pending for a while, I'll just stop contributing code.
    [-]
    • nextos 6 hours ago
      You don't need an app if you don't want one.

      In a CLI, oath lets you calculate a TOTP.

      But it's maybe a bit more insecure if you use the same machine.

    • codazoda 9 hours ago
      Why? You’re against 2FA? You couldn’t contribute without an account before, could you?
  • jc-myths 16 hours ago
    Google auth, first and the only 2FA authenticator I ever used.
    [-]
    • aerzen 2 hours ago
      Because some auth provider recommended it as the only app to use. While it is a good app, it does backup into Drive.
  • codazoda 9 hours ago
    Authy but I’m considering moving to Apple Passwords so it’s all together.
    [-]
    • ecesena 5 hours ago
      Same. To add some details, I used Authy because at the time it was the only app that would just work after upgrading my iphone. I never enabled their cloud mode, so only local 2FA codes.
  • riidom 8 hours ago
    on phone: 2FA Manager from OpenStore on UBports phone

    on work laptop: 1PW

  • threecheese 16 hours ago
    Using GitHub MFA via the app on my iPhone.
    [-]
    • nickcageinacage 16 hours ago
      yea. I'm pretty sure they want separate authenticator app or browser extension
    • paulG12 16 hours ago
      So now I need my damn phone to push something. Great. What's next, my national ID?
      [-]
      • nickcageinacage 15 hours ago
        lmao welp. that is the path other apps are going so i wouldnt be surprised
  • pickle-wizard 16 hours ago
    I use a passkey that is in iCloud Keychain.
  • cyberclimb 9 hours ago
    Checkout Ente Auth
  • mindwork 15 hours ago
    I still use Authy tbh
  • bjourne 14 hours ago
    Microsoft showing 2FA down everyone's throat is quite painful. I don't for a second believe they are only using my phone number for authentication. They are storing the data and they are correlating it with other apps they force 2FA on.
    [-]
    • stephenr 13 hours ago
      So don't give them your phone number.

      Arguing against 2FA is like arguing that they shouldn't bash your password because it means you can't see your password to help remember it.

  • nashashmi 15 hours ago
    Totp.app
  • stalfosknight 18 hours ago
    iCloud Keychain