GitHub has today announced the widespread availability of passkeys across its platform, offering an enhanced security layer against phishing while promoting passwordless logins for every user.
These passkeys are device-specific, meaning they’re tied to individual devices like PCs, tablets, or phones. This ensures added security, dramatically reducing data breach risks by defending against phishing and halting unauthorized logins.
One of the significant benefits of passkeys is their ability to grant users access to various apps and online services using unique identification methods such as PINs, fingerprints, and facial scans. Furthermore, the introduction of passkeys eradicates the stress of recalling and juggling multiple passwords for different platforms and services.
July saw the inaugural introduction of the passkey feature by GitHub, marking the onset of their public beta phase of passwordless authentication.
GitHub’s Staff Product Manager, Hirsch Singhal, commented this Thursday, “With the beta release of passkeys in July, it’s been embraced by tens of thousands of developers. Today, every GitHub.com user can harness the power of passkeys to safeguard their accounts.”
He further emphasized, “We’re steadfast in our mission to equip every contributor with 2FA by 2023’s end, bolstering platform security without hindering user experience.”
To activate one or several passkeys, navigate to your account’s security preferences and select the “Add a passkey” feature. For those who’ve set up security keys earlier, an “Upgrade” option might appear if they’re passkey-compatible.
This development follows suit with industry giants Apple, Google, and Microsoft, all of whom have been championing better passkey integration on their respective platforms.
Microsoft shared its plans to permit users to securely access apps and websites with passkeys stored on mobile devices. This feature will roll out with the September 26 Windows 11 22H2 update.
Similarly, Google revealed its strategy to let Chrome 118 users on iOS log into websites using passkeys generated on their devices and synced through iCloud keychain on their Mac systems.
Today’s revelation from GitHub also recalls its previous move to mandate two-factor authentication (2FA) for all engaged developers since March 13. GitHub has consistently elevated its account security, introducing features like sign-in notifications 2FA and halting the use of compromised passwords.