Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enabling two-factor authentication on your github account #20

Closed
ExperimentsInHonesty opened this issue May 7, 2019 · 3 comments
Closed
Assignees
Labels
education tutorial or other similar learning type issue

Comments

@ExperimentsInHonesty
Copy link
Member

ExperimentsInHonesty commented May 7, 2019

Overiew

Hack for LA requires two factor authentication (2FA) for Project Admins and it is recommended for all members.

Jump to Action Item: Setting up 2FA

What is 2FA?

Two-factor authentication, or 2FA, is an extra layer of security used when logging into websites or apps. With 2FA, you have to log in with your username and password and provide another form of authentication that only you know or have access to.

If you would like to read more information from github about 2FA: https://help.github.com/en/articles/securing-your-account-with-two-factor-authentication-2fa

Why setup 2FA now?

  • We are in the process of establishing best practices on Hack for LA projects and in the HfLA organization's account (new setup of team structure, security, etc).
  • There have been items in the news lately about hackers attempting to hold open source repositories for ransom: https://thenextweb.com/hardfork/2019/05/06/github-bitcoin-extortion-unsuccessful/ . Although these attempts seem to be unsuccessful its still a good reminder that we should use security best practices.

------------

### Action Item - Setting up 2FA

GitHub's guide to setting up 2FA. - takes about 2 min.

@ExperimentsInHonesty
Copy link
Member Author

You might encounter a challenge using the git CLI after enabling 2-factor auth. Here are steps to get CLI auth working again:

  1. Try pushing code from the CLI, if you get rejected unexpectedly it’s 2FA (if you enabled it)
  2. Clear your cached GH credentials
  3. Create a token at GH.com, which you’ll use as your CLI password

Thanks to @wesrowe for providing the instructions

@ExperimentsInHonesty ExperimentsInHonesty added the education tutorial or other similar learning type issue label May 21, 2019
@thekaveman
Copy link
Member

It should also be noted that if you clone via the ssh URL for a repo e.g.

[email protected]:hackforla/governance.git

instead of the https URL e.g.

https://github.com/hackforla/governance.git

then you probably won't run in to any issues after enabling 2FA, as you already use an SSH key.

Read more about connecting to GitHub with SSH.

@ExperimentsInHonesty
Copy link
Member Author

Added 2FA guide to the website.https://www.hackforla.org/guide-pages/2FA

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
education tutorial or other similar learning type issue
Projects
Development

No branches or pull requests

3 participants