Option for Security Key Only 2FA

[MCterra10]

Select Topic Area

Product Feedback

Body

I would really like to be able to disable all 2FA options other than security keys.

I have both a primary and backup security key, plus restore codes saved in my password manager.

There are already a few cutting-edge sites out there such as Binance, Gemini, Vultr, Cloudflare and !!FACEBOOK!! which provide the option to disable other 2FA methods once two keys are registered.

With GitHub being such an enthusiast/tech professional centric website, I see no reason why this is not a feature which could be implemented.

I would even be in support of passwordless login as on option with security keys (restricted to trusted devices), like Binance has implemented.
Some companies issue employees with security keys for access to shared resources, so being able to have GitHub become a part of this ecosystem would be a great step forward.

Any comments welcome.

Thanks!

[ClaraLeigh]

There is a previous discussion on this too where it was marked incorrectly as solved.

See here: https://github.com/orgs/community/discussions/10861
The original thread should really be re-opened

[DNin01]

GitHub did say in a blog post that they were working on making it possible to use security keys as the primary second factor, so if I'm right, this option will be available soon.

In the future, you'll also find security keys there as an option for initial setup on supported devices and browsers.

Passkey support might also be interesting to you.

Lastly, we’re already testing passkeys internally, which we believe will combine ease of use with strong, phishing-resistant authentication. Keep an eye on this space for when this functionality is ready for you.