-
-
Notifications
You must be signed in to change notification settings - Fork 482
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Request] Move from github #1029
Comments
Requiring 2FA and requiring a phone number are two very different things. |
I dont remember the exact words on the warning... i think it require phone number... but if u know more why dont u share ? |
The fact that GitHub has been owned by microsoft since 2018 is enough justification to consider migration elsewhere. @jackffmm I'd wager that @Gojkira is correct in the assumption that the warning you've encountered is due to the recent rollout of 2FA enforcement directed to code contributors:
Especially pertinent citation from the linked blog post: You can choose between TOTP, SMS, security keys, or GitHub Mobile as your preferred 2FA method. We strongly recommend the use of security keys and TOTPs wherever possible. SMS-based 2FA does not provide the same level of protection, and it is no longer recommended under NIST 800-63B. A phone number is not required nor is it recommended. If you're leery to mix your GitHub communication with your phone, there are open-source alternatives that function on the desktop. Here is one: https://gitlab.gnome.org/World/Authenticator If you've been selected for enforcement, I believe that there should be an accompanying email somewhere that may confirm your suspicion. Otherwise there doesn't seem to be any evidence to support the supposition that a phone number will be required in the future. |
@lainedfles owned by microsoft, and dont forget that you are training theyr AI, so u r making skynet. totp, security keys, gh mobile ? look like the other option are worse @Gojkira . thanks for the info lained. |
I don't care about privacy and whatnot, I just support this because I seriously prefer GitLab. I find it's significantly more powerful and versatile. |
This is true. It should also be noted that Gitlab has gotten a significant amount of funding from Google (https://techcrunch.com/2017/10/09/gitlab-raises-20m-series-c-round-led-by-gv). Five years later and I don't see either Github or Gitlab being negatively affected by their ownership/sources of funding so I think people may be overemphasising these points.
I'm not sure how you can interpret that TOTP and security keys are both worse than SMS 2FA for either privacy or security, |
true, i dont gitlab neither but better than gh. there is a number of big tech logos on the home page. |
github will require phone number to login, soon. So this with the other reasons, should make you consider move from github to gitlab or codeberg, or similar.
The text was updated successfully, but these errors were encountered: