GitHub is formally launching<\/a> its passkeys security feature into general availability, two months after first debuting it in beta<\/a>.<\/p>\n Passkeys offer cloud-synced authentication using cryptographic key pairs, allowing users to sign-in to websites and apps with the same screen-lock PIN or biometrics they use for their devices, or a physical security authentication key. It essentially combines the security benefits of passwords and two-factor authentication (2FA) into a single step, making it easier for people to access their online services securely.<\/p>\n Way back in May last year<\/a>, Google, Apple, GitHub\u2019s parent Microsoft and the FIDO Alliance teamed up to make passwordless logins a reality across devices, browsers, and operating systems, meaning that users won\u2019t have to re-enroll multiple times. And the companies have been gradually expanding passkey support<\/a> in the intervening months, with Google introducing support for Google Accounts in May<\/a>, while just today Microsoft revealed that Windows 11 will now enable users<\/a> to manage their passkeys.<\/p>\n And now, developers wanting to use passkeys in GitHub can do just that by heading to their account security settings, and hitting \u201cadd a passkey\u201d.<\/p>\n GitHub passkey Image credits<\/strong>: GitHub<\/p>\n<\/div>\n GitHub plays a pivotal role in the software supply chain, allowing millions of developers<\/a> and companies to collaborate on open source and proprietary software development projects. However, a spate <\/a>of cybersecurity incidents<\/a> have pushed the issue of software security to the forefront of political agendas around the world, including the<\/span> Biden administration which <\/span>issued an executive order<\/a> and <\/span>published a cybersecurity strategy<\/a> that called for large tech companies to ensure their systems are more robust.\u00a0<\/span><\/p>\n This led GitHub to require 2FA for all contributors starting back in March<\/a>, an onboarding process that\u2019s happening incrementally throughout the rest of 2023. And feeding into that, GitHub is now offering passkeys for individual developers to secure their personal accounts \u2014 which will be good news for any company that relies on open source components for the software.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div><\/div>\n![\"GitHub](\"https:\/\/techcrunch.com\/wp-content\/uploads\/2023\/09\/GitHubPasskey-copy.png\")
<\/p>\nSupply chain security<\/h2>\n