Github Passkeys
Hello from China
Ever since moving to a country who's phone service network is largely ignored by the sms 2fa movement I have become passionate about trying to get around 2fa blocks that require your telephone number as second factor. Here is how you can use KeepassXC to be your Passkey Authority.
- Login to your Github account and enable two-factor authentication from the
Settings
>Password
and authentication. - Get your
two-factor secret
by clicking the phrase setup key right after Setup authenticator app above the QR code.
- Copy your secret key that is being displayed above, right click your Github entry in KeepassXC and select TOTP > Set up TOTP and place the secret code under Secret Key input box. Use the Default settings (`RFC 6238``) for the mean time then click OK.
- Right click your Github entry and select TOTP > Copy TOTP, then paste the generated TOTP under Verify the code from the app on the Github Passkey setup page.
- Save the recovery codes since you may require one of these codes to authenticate to Github as an alternate/recovery method in the event of loss of device etc.