To help users better secure their accounts, GitHub is expanding its authentication system to support FIDO Universal 2nd Factor (U2F)—a rapidly growing open authentication standard.
GitHub encourages developers to build U2F support into their own applications as well, enabling authentication with simple user experience and strong security using public key cryptography. U2F is built to protect against phishing and man-in-the-middle attacks, allowing one U2F authenticator to access any number of services without any shared secrets. Since U2F has native support in platforms and browsers, there’s no need for drivers or client software. Visit github.com or yubico.com to find out more about U2F and how to use it with your GitHub account and other applications you are building.