GitHub has announced that they are adding support for security keys when using Git over SSH.
According to the blog post, this support is a natural step in GitHub’s efforts to increase both security and usability. The post explains that “security keys, such as the YubiKey, are portable and transferable between machines in a convenient form factor. … When used in a web browser with two-factor authentication enabled, security keys provide a strong, convenient, and phishing-proof alternative to one-time passwords provided by applications or SMS.”
Additionally, “with security keys, you can achieve a higher level of account security and protection from account takeover. You can take things a step further by removing your previously registered SSH keys, using only SSH keys backed by security keys.”
GitHub outlines the steps for generating a new SSH key for a hardware security key in a separate post.
Comments