GitHub to require 2FA on accounts by October 6, 2023 - eviltoast

I personally am fine with this.

  • tool@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    BTW, any authenticator app works when it tells you to use one. They all use a standard, so it doesn’t matter which one you use.

    Eh, it’s a little more nuanced than that, there’re more standards for MFA code generation than just TOTP.

    And even within the TOTP standard, there are options to adjust the code generation (timing, hash algorithm, # of characters in the generated code, etc.) that not all clients are going to support or will be user-configureable. Blizzard’s Battle.net MFA is a good example of that.

    If the code is just your basic 6-digit HMAC/SHA1 30-second code, yeah, odds are almost 100% that your client of choice will support it, but anything other than that I wouldn’t automatically assume that it’s going to work.