Earlier this month GitHub announced, in partnership with Yubico, that they now support FIDO Universal 2nd Factor (U2F) as an option for two-factor authentication alongside their existing support for Google/Microsoft Authenticator Apps. With the announcement came a special offer: a special edition, Octocat adorned, Yubico U2F key for only $5!
A deal too good to pass up, especially as someone that has around ten services listed in their phone’s Authenticator app.
Naturally, I picked one up and added it to my GitHub account. Shipping to little old New Zealand was super-cheap, and super-fast.
n.b. It’s possible that this deal is still available, go to yubi.co/github and look for the “Special Offer for GitHub Users!” button.
The Setup Process, in Pictures
Assuming you have two-factor authentication enabled on your GitHub account, you’ll normally get asked for a six-digit code when you log in like this:
In order to add a U2F key to your account you’ll need to hit up your account settings, and edit your two-factor authentication settings under the security group:
At the bottom of these settings, click on “Register new device” and you’ll be asked to insert the key and press the button (which will light up and flash.)
Once you’ve pressed the button, the key will be added to your account and ready to help protect your account.
When you next log in, you’ll be able to just press the button again, gain access to your account very quickly.
And if you happen to not have your key on you, you can still fall back on the other two-factor authentication methods.
Now, how else can I use this thing?