GitHub adds hardware-based authentication for developers

Two-factor authentication for GitHub repositories just got a little more universal.

GitHub expanded its authentication system to support the FIDO Universal 2nd Factor (U2F) standard in order to offer developers a hardware-backed alternative to existing login methods, the company announced Thursday at its GitHub Universe event in San Francisco. The largest code-based cloud repository is teaming up with security company Yubico, co-creator of the U2F standard, to provide developers with U2F-compliant hardware keys.

The standard was designed to address phishing and man-in-the-middle attacks. As a hardware-backed system, it has an advantage of software systems such as the Google Authenticator app because the private keys cannot be intercepted. There are no SMS messages to intercept, no malware to compromise the app.

To read this article in full or to leave a comment, please click here

Read more: GitHub adds hardware-based authentication for developers

Story added 1. October 2015, content source with full text you can find at link above.