all InfoSec news
GitHub enforces 2FA — it’s about time (given the state of supply chain security)
Malware Analysis, News and Indicators - Latest topics malware.news
GitHub is a weak link in the software supply chain. Finally, Microsoft is doing something about it — by forcing users into two-factor authentication (2FA).
Unfortunately, SMS is still an option, but at least you don’t have to use it. WebAuthn keys and TOTP are where you should be looking, plus there’s a dedicated GitHub app. Passkeys support isn’t there yet, but it’s “coming soon.”
No need to wait until you’re forced. In this week’s Secure Software Blogwatch, we …
2fa app authentication coming doing don factor github isn keys link microsoft passkeys security sms software software supply chain state supply supply chain supply chain security support totp weak link webauthn