2-factor authentication suggesttion #67895
Unanswered
BillZaumen
asked this question in
New to GitHub
Replies: 1 comment
-
Hi there! Thanks for all this feedback, I've noted this to share with our authentication team. Recovery options are not just limited to phones. There here are multiple options for standalone TOTP applications that run across platforms like your desktop. https://keepassxc.org/ was recommended by community member @ldezas, which is an open, free desktop application, and for browser-based plugins there's 1Password. Any code that is compatible with RFC 6238 will work, using the manual setup options documented in "Configuring two-factor authentication". |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I just set up two-factor authentication & couldn't configure any of the recover options, probably because I'm using a flip phone (it is supposed to run Android but I can't seem to get it to install any apps). It would really help if there was one more recovery or two-factor-authentication option: to allow me to to request that the code be sent to my email address using GPG encryption. This should be more secure than SMS. Github should already have my GPG public key as I'm using that to sign commits.
An alternative is to simply provide an ASCII-armored GPG-encrypted code as part of the login procedure. I can then
decrypt that and paste the decrypted into a response.
The reason I'm using a flip phone is that my fingers don't work very well with touch screens - I'll try to type a key and can't
seem to do it reliably. Either I'm missing the active area on the screen or my fingers are a bit too dry for them to be noticed.
Beta Was this translation helpful? Give feedback.
All reactions