Configure FIDO U2F Security Key for Two-Factor Authentication on GitHub

Wed 6 May 2020
Home 9 Identity & Authentication 9 Configure FIDO U2F Security Key for Two-Factor Authentication on GitHub

Prerequisites

Before you can add a FIDO U2F security key, you will need to enable two-factor authentication using a mobile authenticator app or via text message.

Authentication with a security key is secondary to authentication with a TOTP application or a text message. If you lose your hardware key, you’ll still be able to use your phone’s code to sign in as a backup.

WebAuthn (formerly known as U2F) currently works on all modern browsers, incluing Chrome, Firebox, Internet Explorer, Edge and Safari. For more information on supported browsers, see “Can I Use.”

If you’re authenticating to GitHub on an Android phone, you can use your fingerprint or your security key and Google Authenticator to sign into your account with Near Field Communication (NFC).

Add your FIDO U2F Security Key

  1. You must have already configured 2FA via a TOTP mobile app or via SMS.
  2. Ensure that you have a WebAuthn compatible security key inserted into your computer.
  3. In the upper-right corner of any page, click your profile photo, then click Settings.
    Settings icon in the user bar
  4. In the user settings sidebar, click Security.
    Security settings sidebar
  5. Next to “Security keys”, click Add.
    Add security keys option
  6. Under “Security keys”, click Register new security key.
    Registering a new security key
  7. Type a nickname for the security key, then click Add.
    Providing a nickname for a security key
  8. Activate your security key, following your security key’s documentation.
    Prompt for a security key
  9. Confirm that you’ve downloaded and can access your recovery codes. If you haven’t already, or if you’d like to generate another set of codes, download your codes and save them in a safe place. If you lose access to your account, you can use your recovery codes to get back into your account. For more information, see “Recovering your account if you lose your 2FA credentials.”
    Download recovery codes button
  10. After you’ve saved your recovery codes and enabled 2FA, we recommend you sign out and back in to your account. In case of problems, such as a forgotten password or typo in your email address, you can use recovery codes to access your account and correct the problem.

Source: https://help.github.com/en/github/authenticating-to-github/configuring-two-factor-authentication

Related Posts

[WEBINAR] Creative Ways to Secure User Sessions From Authentication to Walkaway

[WEBINAR] Creative Ways to Secure User Sessions From Authentication to Walkaway

Imagine the scenario, An employee logs into their workstation, their email, and more, and ...
Enterprise Security

Stay in the know

Join our community of security-conscious individuals and organizations who prioritize safeguarding their sensitive data. Stay informed about the latest advancements in cyber-physical technology and discover how FEITIAN can empower you to take control of your digital security.

"*" indicates required fields

Full Name*
Share This
0
    0
    Your Cart
    Your cart is empty