On March 13, we will officially begin rolling out our initiative to require all developers who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023. Read on to learn about what the process entails and how you can help secure the software supply chain with 2FA.
Printing recovery codes would require me to either be price gouged by the printer ink cartel or use someone else’s printer, and using someone else’s printer is begging to get my account stolen.
I have no idea how to hammer things into metal plates, but I’m guessing that’s even more expensive than printer ink.
I can do that with alphanumeric codes, yeah, but can I get alphanumeric codes from GitHub, or is it going to be a QR code? I can’t write down a QR code…
QR codes are just an encoding. Just use any half-competent QR code app, and it will give you it’s content, which you can then write down. For the reverse you can use any QR code generator.
I personally am afraid of this. What if something gets botched? I’ll be permanently locked out of my account!
Print off your recovery codes and keep them safe. If you want to be extra, hammer them into metal plates like the crypto weirdos do.
Printing recovery codes would require me to either be price gouged by the printer ink cartel or use someone else’s printer, and using someone else’s printer is begging to get my account stolen.
I have no idea how to hammer things into metal plates, but I’m guessing that’s even more expensive than printer ink.
Just use your pen and paper.
I can do that with alphanumeric codes, yeah, but can I get alphanumeric codes from GitHub, or is it going to be a QR code? I can’t write down a QR code…
QR codes are just an encoding. Just use any half-competent QR code app, and it will give you it’s content, which you can then write down. For the reverse you can use any QR code generator.
How do I feed the generated QR code back to GitHub, then? Can I upload an image of it?
Have you ever used any website with 2FA? You don’t need to upload QR codes.
I’ve only used SMS and Steam 2FA so far. I’ve been avoiding 2FA as much as I can.
The recovery codes come as a set of numbers
I’d prefer me getting permanently locked out over someone who isnt me getting allowed in. Even more so to services which have my credit card number.
But unlikely anyway, as long as I save my pass and 2fa to a password manager, and keep the backup codes backed up.