Github is now requiring 2 factor authentication for users that have commit access to repositories (I expect that is most everybody!) Since if you want to make changes to Fritzing you need to make commits here is how I enabled 2FA on github (since it is neither easy nor well documented.) I choose to not use SMS messages for 2fa so that option won’t be covered here. Thus I need an application to do 2FA and the recommended one is https://keepassxc.org/ so that is what I used. It is open source and available for Windows, Linux and the Mac so is a good match for Fritzing. Since I’m on windows these instructions are for a windows install.
- download the app
then run it. Accept the licence agreement, then on the next screen change from
this stops autoloading keepassxc on startup (which will require you to enter the database password at each startup!) and enables a desktop shortcut because if you want to access github you are going to need to start keepassxc and enter the database password. I don’t use github all that often so this is the most convienient option for me. Then click install. That does the install and ends in this screen
click finish and keepassxc starts. Follow the instructions here:
first select Create new database
I just used the defaults here
here I let the app set a password by clicking the circled in green icon
which generates a long password. Here I clicked copy password (circled in green) note you need to be prepared to store the password in a text file from the clip board quickly because it will erase the clipboard in about 30 seconds!
once you have copied and saved the password, click apply to set the password (you will need this password later to open the database!)
then click done on the original screen.
next comes a request for where to store the database, I again just took the suggested default. and clicked save.
That should take you here:
and you have an unlocked database with the keepassxc app running. Now you need to add the keepassxc app to your browser (I use firefox so that is what this will look like, the others are detailes in the getting started document above!)
then you need to allow it to connect to keepassxc, so click on the circled icon and select connect
which brings up a pop up window in keepassxc requesting confirmation
so set a name and click Save and allow access
which should then produce this in Firefox
Now would be a good time to check that your machine is set to sync time via ntp. To do so click
Control panel->Data and time
then create an entry for github in keepassxc by clicking on Entry->New entry
then set up a github entry with your current github user name and password
which should create a new entry like this:
then select the entry and right click on it then select setup TOTP like this
click on that and you should get this
leave this open on your desktop because when you enable 2FA on github you are going to need to enter a code that it provides in the Secret Key box.
Now we can enable 2FA on github.
log in to github and enable 2FA by following these instructions:
when it comes to this page
click the setup_key icon which will display a code, copy that code to the clipboard and then paste it in to the secret key section of the keepassxc window we setup earlier. I also kept a copy of the code offline in case I need to reinstall keepassxc later. Also download and keep in a safe place the recovery keys (which will give you access if something happens to the keepassxc app and it can’t log you in!) Preferably print them out and store them securely. With the key entered in to keepassxc if you then click on the gitbub entry you should see a screen like this
type the code it displays (with no spaces!) in to the check output from app box (I unfortunately didn’t take a screen shot of this when I did it!) and make sure that the code is accepted (for me it was and all is well!) If the code isn’t accepted then you will need to not complete the 2FA install until you figure out why. Hopefully it will just work for you as it did for me. So with that completed let me log in to my account on github using 2FA:
then enter my user name and password which goes to this screen
in keepassxc on your machine, copy the number in the OTP field (690645 in this case) in to the box completes the login (as long as the code doesn’t time out first and the clocks match!) and I am logged in. Configuration complete. Web access to github configured. Now I need to figure out how to do the same on the command line to allow commits to occur from Cygwin, but I should be able to configure that later (and document it here!)