eesmith

I'm one of the weirdos who doesn't have a smart phone. What are my options?

I went to the page on "configuring 2FA for your account" at https://docs.github.com/en/authentication/securing-your-acco... and it was ... not that helpful. All of the options seemed to depend primarily on mobile phones or text messages.

I guess I need to use text messages?

The linked-to article says there are other options, like physical security keys, but the GitHub page says:

> After you configure 2FA, using a time-based one-time password (TOTP) mobile app, or via text message, you can add a security key, like a fingerprint reader or Windows Hello.

and at https://docs.github.com/en/authentication/securing-your-acco...

> For GitHub, the second form of authentication is a code that's generated by an application on your mobile device or sent as a text message (SMS).

ThrowawayTestr

Install a desktop authenticator app.

eesmith

How would I use it for GitHub? The documentation says "mobile device."

I've never used these these programs before, and don't understand how they go together. How do I configure the app to connect to GitHub? How does the app help me log in? Do you have a pointer to a step-by-step walk-through?

johdo

They give you a secret, in the form of a QR code (for smartphone users) or a text string.

You put the secret string in a password manager that supports one time code generation, like Gopass or KeepassXC.

When you login with your user name and password, the 2FA adds a second step where it asks for a "one time code", which your password manager provides. That code is temporary and only works for a short time frame.

In my case I use Gopass ( https://github.com/gopasspw/gopass ) and it's as simple as adding a field like

---

totp: thesecretstringblahblah

at the end of my password entries and the app will treat that field as the source to generate one time codes. There's a browser addon and all I have to do is click the one time code and CTRL+V it into the field.

eesmith
Thank you for the details, and pointer to a solution. I've just installed gopass.

I also (in looking through other threads) found https://github.com/gopasspw/gopass and by reading the code learned how TOTP works.