GitHub is introducing passwordless authentication as a new method to enhance account security and provide a seamless user experience. Passkeys are a secure and easy-to-use way of protecting user accounts, combining two-factor authentication (2FA) with enhanced user verification. Passwords are eliminated, and passkeys require a combination of something the user is or knows (such as a thumbprint, face, or PIN) and something the user has (a physical security key or device). Users can enable passkeys in their GitHub account settings, upgrade eligible security keys, or register new ones.
Passkeys can be used across devices, and cross-device authentication allows users to sign in on a desktop by verifying their phone’s presence. Passkeys have the advantage of replacing passwords entirely, and with expanded browser support, they can be automatically suggested by the browser’s autofill system on the login page. Passkeys also offer synchronization across devices using services like iCloud, Google Password Manager, or password managers such as 1Password or Dashlane.
The introduction of passkey authentication demonstrates GitHub’s commitment to account security and user experience. By embracing passwordless authentication, GitHub aims to reduce the risk of data breaches caused by weak or compromised passwords. Passkeys provide developers with ease and confidence in protecting their accounts and sensitive information against unauthorized access.