GitHub has made a significant step forward in enhancing the security and convenience of its platform by launching passwordless authentication support in public beta. This feature, which is available for users who opt-in, enables them to replace their security keys with passkeys, a new type of credential that works across devices and browsers.
Passwordless authentication is a method of verifying users’ identities without requiring them to enter a password. Instead, users can use a device-specific passkey that is generated and stored securely on their device. When they sign in to GitHub, they simply need to approve the sign-in request on their device, and they are good to go.
Passkeys are based on the WebAuthn standard, which is supported by most modern browsers and operating systems. This means that users can use their passkeys to sign in to GitHub from any device or browser they trust without carrying around a physical security key or remembering a password. Passkeys also offer stronger protection against phishing, credential theft, and account takeover attacks, as they are tied to the user’s device and cannot be reused or stolen by attackers.
“We’re excited to continue to provide more flexibility, reliability, and security in the ways you can authenticate to GitHub,” said GitHub’s Staff Product Manager, Hirsch Singhal.
Users who want to try out passwordless authentication can opt-in to the public beta by visiting their account settings and enabling the feature under “Security.” They will then be guided through the process of creating and registering their passkey on their device. Once they have done that, they can use their passkey to sign in to GitHub from any device or browser that they trust without needing a password or a security key.
GitHub hopes that passwordless authentication will encourage more users to adopt strong security practices and protect their accounts from unauthorized access. The company also plans to expand the feature to support more scenarios and use cases in the future, such as signing in to GitHub via SSH or the command line. GitHub invites users to share their feedback and suggestions on the feature via its community forum or its support team.
Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.
Photo by Rubaitul Azad on Unsplash.
Facebook: Eagle Tech Corp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp