Just wondering what people are using to meet the 2FA requirement GitHub has been rolling out. I don’t love the idea of having an authenticator app installed on my phone just to log into GitHub. And really don’t want to give them my phone number just to log in.
Last year, we announced our commitment to require all developers who contribute code on GitHub.com to enable two-factor authentication (2FA)…
I’ll happily take that chance for the convenience. Even if 1password leaks, they don’t have the keys to my vault. They would need my key and password to unlock it. The only time that isn’t needed is if it’s unlocked, which only is on my linux computer, which means they need to find an exploit with their app. In the 7 years I’ve used them I’ve never even heard a wiff of something even small happening.