Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Overview

GitHub Passkeys provide a secure method for signing into GitHub.com without the need for a password. For those utilizing two-factor authentication (2FA), a passkey fulfills both the password and 2FA criteria, streamlining the sign-in process to just one step. 

Please Note:

In order to set up passkey, your GitHub 2FA must be configured first.

On This Page

Setup 2FA for GitHub Using Microsoft Authenticator App

Two-factor authentication (2FA) on GitHub is a secure method that requires both a password and an authentication code generated by an app on your mobile device to sign in. To bolster security, we recommend setting up 2FA using a time-based one-time password (TOTP) application, like Microsoft Authenticator App, instead of SMS. Microsoft Authenticator generates authentication codes that change over time and provide a more reliable experience.

Steps to Enable 2FA on GitHub using TOTP:

  1. Download a TOTP app: If you haven’t already, install the Microsoft Authenticator App on your mobile device.

  2. Navigate to Settings: On GitHub, click your profile photo at the upper-right corner, and then select Settings.

  3. Access Two-Factor Settings: In the sidebar's Access section, choose Password and authentication. Click Enable two-factor authentication in the "Two-factor authentication" section.

  4. Setup Authenticator App: Under "Setup authenticator app":

    • Scan the displayed QR code using your Authenticator App. The app will then display a six-digit code.
    • If scanning isn't possible, click enter this text code to get a code that you can manually input into your Authenticator App.

  5. Verify the Code: Your Authenticator App will now save your GitHub.com account and produce a new authentication code every few seconds. Enter this code on GitHub in the "Verify the code from the app" field.

  6. Backup with Recovery Codes: Click Download under "Save your recovery codes" to save these codes to your device. It's crucial to keep these codes safe, as they can help regain access to your account if you lose your primary authentication method.

  7. Finalize Setup: After storing your recovery codes safely, click I have saved my recovery codes to officially activate 2FA for your account.


For 28 days after 2FA setup, you're in a check-up period. Ensure to successfully perform 2FA within these 28 days, or you'll be prompted to do so on the 28th day. If you fail, use the provided shortcut to adjust your 2FA settings and maintain GitHub.com access.

Setup Passkey for YubiKey


  • No labels
Unknown macro: {ivy-ai}