{"id":46474,"date":"2022-05-04T15:00:02","date_gmt":"2022-05-04T15:00:02","guid":{"rendered":"http:\/\/c851b01b-5239-4c0a-a44d-748bd107ba44"},"modified":"2022-05-04T15:00:02","modified_gmt":"2022-05-04T15:00:02","slug":"github-launches-new-2fa-mandates-for-code-developers-contributors","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/","title":{"rendered":"GitHub launches new 2FA mandates for code developers, contributors"},"content":{"rendered":"<div class=\"share-bar-wrapper\">\n<div class=\"full-byline\">\n<div class=\"author-avatars\"> <a rel=\"author\" class=\"thumb author-modal-open\" data-component=\"authorModal\" data-author-modal-options=\"{&quot;selector&quot;:&quot;charlie-osborne-modal&quot;,&quot;hoverSelector&quot;:&quot;.full-byline&quot;}\" href=\"https:\/\/www.zdnet.com\/meet-the-team\/us\/charlie-osborne\/\" data-vanity-rewritten=\"true\"> <span class=\"img \"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.zdnet.com\/a\/img\/resize\/c8ef739a72ea5f7507a32fca52940befe437ac45\/2014\/07\/22\/36b8334d-1175-11e4-9732-00505685119a\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp\" class alt=\"Charlie Osborne\" height=\"50\" width=\"50\"><\/span> <\/a> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<p>GitHub is introducing new rules surrounding developers and two-factor authentication (2FA) security. <\/p>\n<p>On Wednesday, the Microsoft-owned code repository said that changes will be made to existing authentication rules as &#8220;part of a platform-wide effort to secure the software ecosystem through improving account security.&#8221;<\/p>\n<p>According to Mike Hanley, GitHub&#8217;s Chief Security Officer (CSO), <a href=\"https:\/\/github.blog\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">GitHub<\/a> will require any developer contributing code to the platform to enable at least one form of 2FA by the end of 2023. <\/p>\n<p>Open source projects are popular and widely used, valuable resources for individuals and the enterprise alike. However, if a threat actor compromises a developer&#8217;s account, this could lead to hijacked repos, data theft, and project disruption. <\/p>\n<p>Cloud platform provider <a href=\"https:\/\/status.heroku.com\/incidents\/2413\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Heroku<\/a>, owned by Salesforce, disclosed a security incident in April. A subset of its private git repositories was compromised following the theft of OAuth tokens, potentially leading to unauthorized access to customer repos. <\/p>\n<p>GitHub says the software supply chain &#8220;starts with the developer,&#8221; and has been tightening up its controls with this in mind &#8212; noting that developer accounts are &#8220;frequent targets for social engineering and account takeover.&#8221; <\/p>\n<p>Recently, the issue of malicious packages being uploaded to GitHub&#8217;s <a href=\"https:\/\/www.zdnet.com\/article\/hundreds-more-malicious-packages-found-in-npm-factory\/\" target=\"_blank\" rel=\"noopener\">npm registry<\/a> has also brought software supply chain security to the forefront. <\/p>\n<p>In many cases, it isn&#8217;t a zero-day vulnerability that causes the collapse of open source projects or gives developers sleepless nights. Instead, it&#8217;s the fundamental weaknesses &#8212; such as weak password credentials or stolen information &#8212; that cyberattackers exploit. <\/p>\n<p>However, the code repository has also acknowledged that there can be a trade-off between security and user experience. So, the 2023 deadline will also give the organization the time to &#8220;optimize&#8221; the GitHub domain before the rules are set in stone. <\/p>\n<p>&#8220;Developers everywhere can expect more options for secure authentication and account recovery, along with improvements that help prevent and recover from account compromise,&#8221; Hanley commented. <\/p>\n<p>For GitHub, 2FA implementation may be becoming a pressing issue, with only 16.5% of active GitHub users and 6.44% of npm users adopting at least one form of 2FA. <\/p>\n<p>GitHub has already depreciated <a href=\"https:\/\/help.pluralsight.com\/help\/github-basic-authentication-deprecation-notice\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">basic authentication<\/a>, using usernames and passwords only, in favor of integrating OAuth or Access tokens. The organization has also introduced email-based <a href=\"https:\/\/github.community\/t\/new-security-feature-device-verification\/10216\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">device verification<\/a> when 2FA has not been enabled. <\/p>\n<p>The current plan is to continue a mandatory 2FA rollout on npm, moving from the top 100 packages to the 500, and then those with over 500 dependants or one million weekly downloads. The lessons learned from this testbed will then be applied to GitHub. <\/p>\n<p>&#8220;While we are investing deeply across our platform and the broader industry to improve the overall security of the software supply chain, the value of that investment is fundamentally limited if we do not address the ongoing risk of account compromise,&#8221; Hanley said. &#8220;Our response to this challenge continues today with our commitment to drive improved supply chain security through safe practices for individual developers.&#8221; <\/p>\n<p>In April, GitHub introduced a new <a href=\"https:\/\/www.zdnet.com\/article\/github-now-scans-for-secret-leaks-in-push-workflows\/\" target=\"_blank\" rel=\"noopener\">scanning feature<\/a> to protect developers and stop them from accidentally leaking secrets. The enterprise user feature is an optional check for developers to enable for use during workflows and before a git push is launched. &nbsp; <\/p>\n<h3> Previous and related coverage <\/h3>\n<hr>\n<p><strong>Have a tip?<\/strong> Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0<\/p>\n<hr>\n<p> READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/github-launches-new-two-factor-authentication-mandates-for-code-developers\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New rules surrounding authentication will come in by the end of 2023.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-46474","post","type-post","status-publish","format-standard","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>GitHub launches new 2FA mandates for code developers, contributors 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GitHub launches new 2FA mandates for code developers, contributors 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-04T15:00:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.zdnet.com\/a\/img\/resize\/c8ef739a72ea5f7507a32fca52940befe437ac45\/2014\/07\/22\/36b8334d-1175-11e4-9732-00505685119a\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"GitHub launches new 2FA mandates for code developers, contributors\",\"datePublished\":\"2022-05-04T15:00:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/\"},\"wordCount\":553,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/c8ef739a72ea5f7507a32fca52940befe437ac45\\\/2014\\\/07\\\/22\\\/36b8334d-1175-11e4-9732-00505685119a\\\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/\",\"name\":\"GitHub launches new 2FA mandates for code developers, contributors 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/c8ef739a72ea5f7507a32fca52940befe437ac45\\\/2014\\\/07\\\/22\\\/36b8334d-1175-11e4-9732-00505685119a\\\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp\",\"datePublished\":\"2022-05-04T15:00:02+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/c8ef739a72ea5f7507a32fca52940befe437ac45\\\/2014\\\/07\\\/22\\\/36b8334d-1175-11e4-9732-00505685119a\\\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp\",\"contentUrl\":\"https:\\\/\\\/www.zdnet.com\\\/a\\\/img\\\/resize\\\/c8ef739a72ea5f7507a32fca52940befe437ac45\\\/2014\\\/07\\\/22\\\/36b8334d-1175-11e4-9732-00505685119a\\\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/github-launches-new-2fa-mandates-for-code-developers-contributors\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GitHub launches new 2FA mandates for code developers, contributors\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GitHub launches new 2FA mandates for code developers, contributors 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/","og_locale":"en_US","og_type":"article","og_title":"GitHub launches new 2FA mandates for code developers, contributors 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-05-04T15:00:02+00:00","og_image":[{"url":"https:\/\/www.zdnet.com\/a\/img\/resize\/c8ef739a72ea5f7507a32fca52940befe437ac45\/2014\/07\/22\/36b8334d-1175-11e4-9732-00505685119a\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"GitHub launches new 2FA mandates for code developers, contributors","datePublished":"2022-05-04T15:00:02+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/"},"wordCount":553,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/c8ef739a72ea5f7507a32fca52940befe437ac45\/2014\/07\/22\/36b8334d-1175-11e4-9732-00505685119a\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/","url":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/","name":"GitHub launches new 2FA mandates for code developers, contributors 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/c8ef739a72ea5f7507a32fca52940befe437ac45\/2014\/07\/22\/36b8334d-1175-11e4-9732-00505685119a\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp","datePublished":"2022-05-04T15:00:02+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/#primaryimage","url":"https:\/\/www.zdnet.com\/a\/img\/resize\/c8ef739a72ea5f7507a32fca52940befe437ac45\/2014\/07\/22\/36b8334d-1175-11e4-9732-00505685119a\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp","contentUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/c8ef739a72ea5f7507a32fca52940befe437ac45\/2014\/07\/22\/36b8334d-1175-11e4-9732-00505685119a\/charlie-osborne.jpg?width=50&amp;height=50&amp;fit=crop&amp;auto=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/github-launches-new-2fa-mandates-for-code-developers-contributors\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"GitHub launches new 2FA mandates for code developers, contributors"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46474","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46474"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46474\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46474"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46474"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46474"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}