GitHub Announces Passkey Authentication Beta
Written by Kay Ewbank   
Friday, 14 July 2023

GitHub has announced a public beta of passkey authentication on GitHub.com. The team says this will offer more flexibility in the ways that developers can authenticate onto the platform.

Passkeys combine ease of use with strong, phishing-resistant authentication, and GitHub says bring us a step closer to being able to avoid the use of passwords. FIDO (Fast IDentity Online) which set up a standard for passkeys, describes them as replacements for passwords that provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices. Unlike passwords, passkeys are always strong and phishing-resistant.​

githubdeklogo

The need to find an alternative to passwords comes from the statistic that passwords are the root cause of more than 80% of data breaches. GitHub has been working to find ways to ensure stronger account security, starting last year with 2FA requirements for code contributors on GitHub.com.

Passkeys on GitHub.com require user verification, meaning they count as two factors in one. One factor is you are or know such as your thumbprint, face, or knowledge of a PIN. The second factor is something you have, such as your physical security key or your device. This combination provides strong enough authentication for GitHub to be confident it's really you signing in.

GitHub says that existing security keys on an account can often be upgraded to become part of a passkey. If your security key is capable of verifying your identity (for example, Touch ID, Windows Hello, Android thumbprints, or PIN-locked or biometric hardware keys), then it’s eligible to be upgraded.

Passkeys can be used across devices using cross-device authentication, which lets you use a passkey on your phone or tablet to sign in on your desktop, by verifying your phone’s presence. You can select a previously linked device or scan a QR code with your phone, complete the sign in there, and be all signed in on your desktop. Because your phone or tablet must be physically close to your laptop or desktop, cross-device authentication retains the phishing-resistant promise of FIDO.

Unlike SMS and email , passkeys are unique per website, so they cannot be used to track a user's activities across different sites.

GitHub's passkey beta is available to join now.

githubdeklogo

 

More Information

Passkey Beta On The GitHub ‘Feature Preview’ Tab 

Related Articles

GitHub Code Scanning Now Uses Machine Learning

GitHub Strengthens Team Working

New From GitHub Universe

GitHub Launches Actions

Microsoft Buys GitHub - Get Ready For a Bigger Devil

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner


AI Breakthrough For Robot Surgery
17/11/2024

Using imitation learning, a robot has learned to perform surgical procedures as skillfully as human surgeons, bringing the field of robotic surgery closer to true autonomy.



Random Gifts For Programmers
24/11/2024

Not really random. Not even pseudo random, more stuff that caught my attention and that I, for one, would like to be given. And, yes, if I'm not given them, I'd probably buy some for myself.


More News

espbook

 

Comments




or email your comment to: comments@i-programmer.info