Github Passkeys

• Hello from China

Hello from China

Ever since moving to a country who's phone service network is largely ignored by the sms 2fa movement I have become passionate about trying to get around 2fa blocks that require your telephone number as second factor. Here is how you can use KeepassXC to be your Passkey Authority.

1. Login to your Github account and enable two-factor authentication from the Settings > Password and authentication.
2. Get your two-factor secret by clicking the phrase setup key right after Setup authenticator app above the QR code.

3. Copy your secret key that is being displayed above, right click your Github entry in KeepassXC and select TOTP > Set up TOTP and place the secret code under Secret Key input box. Use the Default settings (`RFC 6238``) for the mean time then click OK.

4. Right click your Github entry and select TOTP > Copy TOTP, then paste the generated TOTP under Verify the code from the app on the Github Passkey setup page.
5. Save the recovery codes since you may require one of these codes to authenticate to Github as an alternate/recovery method in the event of loss of device etc.