If you cannot perform 2FA to pass the checkup, you must use the provided shortcut to reconfigure your 2FA settings and retain access to. Otherwise, you will be prompted to perform 2FA in an existing session on the 28th day. You can leave the check up period by successfully performing 2FA in those 28 days. Many TOTP apps support the secure backup of your authentication codes in the cloud and can be restored if you lose access to your device.Īfter you configure 2FA, your account will enter a 28-day check up period. TOTP applications are more reliable than SMS, especially for locations outside the United States.
We strongly recommend using a time-based one-time password (TOTP) application to configure 2FA, and security keys as backup methods instead of SMS. You can configure two-factor authentication (2FA) using a mobile app or via text message. If you don't receive a notification, then you are not part of a group required to enable 2FA, though we strongly recommend it.įor more information about the 2FA enrollment rollout, see this blog post.
If you are in an eligible group, you will receive a notification email when that group is selected for enrollment, marking the beginning of a 45-day 2FA enrollment period, and you will see banners asking you to enroll in 2FA on. Note: Starting in March 2023 and through the end of 2023, GitHub will gradually begin to require all users who contribute code on to enable one or more forms of two-factor authentication (2FA).