I'd had a GH account for ages under my own name, I closed that as soon as Microsoft took it over, moved all my repos to GitLab, good move. I opened a new GH account under a silly name [1] so I could collaborate with people still on it. Now I'm not really against 2FA, but don't use it myself, it adds friction, adds risk (what if you lose it), it seems too "theatrical" for my liking. You want to use 2FA? be my guest, live and let live etc. What I don't like is being told what to do with my account, particularly by someone like MicroSlop. I won't add 2FA to my GH account, so I'll not contribute any code to GH based projects, ho hum. As I understand it, I'll still be able to raise issues without 2FA, fine, and when 2FA becomes mandatory for that, I'll stop doing that too.
Same. To add some details, I used Authy because at the time it was the only app that would just work after upgrading my iphone. I never enabled their cloud mode, so only local 2FA codes.
Microsoft showing 2FA down everyone's throat is quite painful. I don't for a second believe they are only using my phone number for authentication. They are storing the data and they are correlating it with other apps they force 2FA on.
Aegis (local) https://github.com/beemdevelopment/aegis
Bitwarden Authenticator (local) https://bitwarden.com/products/authenticator/
Ente (encrypted cloud backup) https://ente.com/auth/
That's been pending for a while, I'll just stop contributing code.
You don't need an app if you don't want one.
In a CLI, oath lets you calculate a TOTP.
But it's maybe a bit more insecure if you use the same machine.
Why? You’re against 2FA? You couldn’t contribute without an account before, could you?
I'd had a GH account for ages under my own name, I closed that as soon as Microsoft took it over, moved all my repos to GitLab, good move. I opened a new GH account under a silly name [1] so I could collaborate with people still on it. Now I'm not really against 2FA, but don't use it myself, it adds friction, adds risk (what if you lose it), it seems too "theatrical" for my liking. You want to use 2FA? be my guest, live and let live etc. What I don't like is being told what to do with my account, particularly by someone like MicroSlop. I won't add 2FA to my GH account, so I'll not contribute any code to GH based projects, ho hum. As I understand it, I'll still be able to raise issues without 2FA, fine, and when 2FA becomes mandatory for that, I'll stop doing that too.
[1] https://github.com/noproblemwiththat
Google auth, first and the only 2FA authenticator I ever used.
Because some auth provider recommended it as the only app to use. While it is a good app, it does backup into Drive.
https://apps.apple.com/au/app/2fa-authenticator-2fas/id12177...
Authy but I’m considering moving to Apple Passwords so it’s all together.
Same. To add some details, I used Authy because at the time it was the only app that would just work after upgrading my iphone. I never enabled their cloud mode, so only local 2FA codes.
I use a passkey that is in iCloud Keychain.
Using GitHub MFA via the app on my iPhone.
yea. I'm pretty sure they want separate authenticator app or browser extension
So now I need my damn phone to push something. Great. What's next, my national ID?
lmao welp. that is the path other apps are going so i wouldnt be surprised
on phone: 2FA Manager from OpenStore on UBports phone
on work laptop: 1PW
Checkout Ente Auth
iCloud Keychain
I still use Authy tbh
Microsoft showing 2FA down everyone's throat is quite painful. I don't for a second believe they are only using my phone number for authentication. They are storing the data and they are correlating it with other apps they force 2FA on.
So don't give them your phone number.
Arguing against 2FA is like arguing that they shouldn't bash your password because it means you can't see your password to help remember it.
Totp.app