Home / Companies / GitHub / Blog / Post Details
Content Deep Dive

New improvements and best practices for account security and recoverability

Blog post from GitHub

Post Details
Company
Date Published
Author
Neil Matatall
Word Count
650
Company Posts That Month
15
Language
English
Hacker News Points
-
Post removed?
No
Summary

Strong authentication credentials are essential for safeguarding GitHub accounts, with a focus on using strong, unique passwords and enabling two-factor authentication (2FA). GitHub is enhancing security by implementing features that encourage users to select non-compromised passwords, utilizing data from the HaveIBeenPwned.com project to identify compromised credentials. Users employing compromised passwords will be prompted to change them during login or registration processes. Additionally, GitHub will periodically remind users with 2FA enabled to review their setup and recovery options to prevent account lockout due to lost credentials. The platform advises the use of cloud-synchronized password managers and authenticator applications to ensure password and 2FA recovery options are securely backed up. GitHub also recommends storing backup codes securely and reviewing other credentials like SSH keys and OAuth authorizations regularly. These measures aim to balance security, usability, and recoverability, and users are encouraged to periodically review and update their account security settings.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.