Problems with SMS 2FA ?

[Amapola-Negra]

Hi everybody. I have entered in my account today and I have the following messagge: " Please configure another 2FA method to reduce your risk of permanent account lockout. We strongly recommend against SMS as it is prone to fraud and delivery may be unreliable depending on your region." I don't know what have changed since I configured the SMS. My country is amongst thouse in which SMS are alowed according to GitHub list. So I don't understand why my account could be blocked. First of all I want to know if this is just a recommendation or an obligation, I have an app in my mobile to generate 2FA is there any way I could use it for GitHub? I have seen as well there is a way to use a security Key as a 2FA but I don't know how to. Thanks in advance, I would appreciate any help with this.

Regards

[davevad93]

Hi @Amapola-Negra ,

The warning is a bit confusing, it basically indicates that it's recommended to use more than one 2FA method and avoid using SMS authentication for security reasons. I've added authentication via Mobile App and the warning no longer pops up.

For further reference, there was a discussion about this a few days ago. #129189

[Amapola-Negra]

Well. It appeards to highlight the same concern regarding the account blocking or cancel, and no answer. Any clue?

I want to know ho to use security keys with 2FA. Thanks again, :)

[davevad93]

@Amapola-Negra I think that the following warning "Please configure another 2FA method to reduce the risk of permanent account lockout" concerns adding an additional 2FA method to reduce the risk of losing your account in case of hacking and avoiding SMS authentication because isn't very safe, (I've seen many people here in the last few months claiming that their account was hacked). I highly doubt that means GitHub will directly lock an account if the above conditions aren't met, it's just an informative warning, but that's only my impression, to be 100% sure we would need a confirmation from someone from the staff. About using security keys with 2FA sorry but I'm currently not using that as a 2FA method, I'm using the Authenticator app as the main authentication method and it works fine. You can activate several 2FA methods and choose the one you prefer on the main login page.

[Botneyboy]

Hi @Amapola-Negra ,

The warning is a bit confusing, it basically indicates that it's recommended to use more than one 2FA method and avoid using SMS authentication for security reasons. I've added authentication via Mobile App and the warning no longer pops up.

For further spack uninstall -ay
spack compiler rm gcc@12
spack install hdf5
spack install zlib%clang, there was a discussion about this a few days ago. #129189 spack uninstall -ay
spack compiler rm gcc@12
spack install hdf5
spack install zlib%clang

[biofsphere]

I did try to configure another 2fa method by choosing SMS Message on my mobile phone. However, I was unable to register my phone number as the international code for Brazil is missing from the countries list provided by GitHub.

[maxpopovitch]

My country (Ukraine) is not in the list of countries to setup another 2FA via SMS/Text message. Could you please add it?

[wmport]

My country (Ukraine) is not in the list of countries to setup another 2FA via SMS/Text message. Could you please add it?

Good 👍.
long answer github ((