At Magento, security is a primary concern for us. As part of our commitment to enhancing security we will be requiring all Magento partners who contribute code to Magento on GitHub to have Two-Factor Authentication (2FA) enabled on their accounts.
Two-factor authentication adds an additional layer of security beyond just a username/password when you access GitHub. With 2FA, after you log into a service by providing your username and password, there is an additional step of providing a 2FA authentication code. This code can be provided by a mobile device or a two-factor application. This second form of authentication helps us ensure that a malicious user will not be able to gain access to your GitHub account with just your password. This keeps your access to GitHub secure and helps ensure that access to any private Magento GitHub repositories is also protected.
Two-factor authentication is being adopted as an industry-wide security best-practice and we at Magento are also moving in this direction. As of February 19th, 2018 all Magento partner accounts will need to have 2FA enabled for continued access to Magento private repositories.