In case of github commit access it especially makes no sense because you commit via ssh with an ssh key, not via your github account login method.
No, just no. What "properly securing your account" means depends highly on the user and it is not for others to police.
-
-
-
That made even less sense. Have the github login? Add a new ssh key or commit right from the web UI.
-
The point was that there's always a non-2FA vector for modifications.
-
You *can* use a hardware device for your ssh keys, though admittedly very few use it.
-
And the most important aspect is that it's the user's choice, and invisible to the server.
-
Compare to the historical (ongoing?) hell with banking in some countries where you had to use specific MSIE-integrated junk to login.
-
Up until recently case didn't matter in your RBC (Royal Bank) web banking login (they uppercased it in JS before submitting). And of course they don't have 2FA.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.