Two-factor authentication in GitHub is pretty simple to set up, though the exact steps are layed out in maybe 3 different articles. I’ve consolidated them all together to this one simple guide.


Enable 2FA

Enable 2 factor authentication on the GitHub website (Settings → Security → Two Factor Authentication).

Prepare your phone

Install Google Authenticator. Works for iOS and Android. In Authenticator, tap Add, then Scan Barcode. Take a picture of the QR code on your computer. (More info on apps)

Enable git credential caching

On your computer, enable caching your GitHub HTTPS credentials. This allows you to store your 2FA token and not get asked for it everytime.

git config --global credential.helper osxkeychain   # OSX
git config --global credential.helper cache         # Linux

Generate an API key

Generate a GitHub API key under “Personal Access Tokens”. You’ll use this for the Git command line. Leave the scopes unchanged.

Use HTTPS on your repos

If your git repos still use SSH ([email protected]:user/repo.git), change them to use HTTPS (https://github.com/user/repo.git). (More info on remote URLs)

cd project
vim .git/config

Git push

Push a repo. You’ll be asked for a password. Use the token for the password. You won’t have to do this again if enabled credential caching.

$ git push
Username for 'https://github.com': rstacruz
Password for 'https:[email protected]':

Save your recovery codes

Get your recovery codes (Settings → Security → Two Factor Authentication → Recovery Codes) and put them somewhere safe. This will allow you to log onto your account when, say, your phone isn’t charged. (More info on recovery codes)

That’s it!

If everything worked, your git push should work. Further reading below: