Expert Comment: Github announces 2FA to be introduced
March 2023 by Checkmarx
Github has announced it will begin selecting accounts for the enrolment of two-factor authentication (2FA) this week, with all users being required to use 2FA by the end of the year.
Erez Yalon, VP Security Research, at Checkmarx points out that “Github’s introduction of 2FA is not a silver bullet, but a step in the right direction. Requiring 2FA does improve security and encourages better security practices whilst aligning with the latest industry standards.
However, some users may find 2FA inconvenient, and technical barriers could emerge, potentially causing Github’s systems to slow down.
Introduction of a mandatory 2FA requirement has the potential to greatly benefit the security of the industry overall, with more secure software and repositories reducing risk of cyberattack, but the initial changes could be a challenge for developers. Many organisations might need to adjust their processes in the long run, to alleviate these challenges.”
Adding to this, Ori Bendet, VP Product Management at Checkmarx, says “There is always a need for a balance between security and user experience and this time, Github decided to move in favour of security. While it might be inconvenient to some developers and companies, who will need to adapt their current processes, I think that in the long run, Github move will indeed help create more secure software repos.”