How to Set Up Two-factor Authentication with GitHub
- Obtain a U2F enabled YubiKey or Security Key. Any from the Applicable Products section will work.
- Plug in your YubiKey to the computer.
- Using Google Chrome or Chromium, log in to your GitHub account.
- Open your Account Settings and select Security from the left column.
- Click Enable Two-Factor Authentication.
- Follow the instructions for either setting up two-factor using an authenticator app or SMS codes.
- Under Security Keys click Register new device.
- Enter a unique nickname for your security key and click Add.
- When the LED on your YubiKey begins flashing, tap the metal contact to confirm the registration.
That's all! Repeat steps 7-9 above for any additional YubiKeys or Security Keys you want to associate with your GitHub account.
How to Use Two-factor Authentication with GitHub
- Log in with your user name and password.
- When prompted, insert your YubiKey and touch the blinking light. That's it!
Note: After you enable U2F on your GitHub account, you will not be able to use username and password for authentication to GitHub when using Git. You will need to add a SSH key to your account per the GitHub documentation. YubiKeys can securely hold your SSH key using the OpenPGP or PIV applications.