The account security of GitHub users is critical, and simple passwords are simply not enough to protect online accounts. To improve the security of the GitHub account, the GitHub platform announced an easy-to-use authentication option by supporting the WebAuthn (Web Authentication) standard.
WebAuthn is a web standard published by the W3C. WebAuthn is a core component of the FIDO2 project under the direction of the FIDO Alliance. The goal is to standardize interfaces to authenticate users to Web-based applications and services using public-key cryptography.
With WebAuthn, developers can now perform two-factor authentication on GitHub using physical security keys. If you don’t have a physical security key, you can also use your laptop or phone as a security key.
You can now use physical security keys on GitHub with:
- Windows, macOS, Linux, and Android: Firefox and Chrome-based browsers
- Windows: Edge
- macOS: Safari, currently in Technology Preview but coming soon to everyone
- iOS: Brave, using the new YubiKey 5Ci
If you’re using the following browsers, you can register your device today:
- Microsoft Edge on Windows, using Windows Hello (with facial recognition, fingerprint reader, or PIN)
- Chrome on macOS, using Touch ID
- Chrome on Android, using fingerprint reader