TOTP codes for 2FA are now single-use

During two-factor authentication and when entering sudo mode for sensitive actions on GitHub.com, TOTP codes could be successfully used multiple times within their validity window. To improve security, this reuse is no longer allowed on GitHub.com, and will be updated in GHES with version 3.10.

Systems that have attempted to script the login flow, across multiple parallel jobs, may break as a result of this change.

Learn more about two-factor authentication with TOTP.

JUN.15Improvement
Copilot usage metrics now include more of your active users
- Account Management
JUN.10Improvement
Enterprises can now create up to 500 cost centers
- Account Management
JUN.4Release
Budget and usage management APIs now generally available
- Account Management
MAY.29Improvement
Copilot usage metrics API adds cohorts for AI adoption
- Account Management
MAY.20Improvement
Copilot usage metrics reports now use GitHub-owned download URLs
- Account Management
MAY.14Release
Team-level Copilot usage metrics now available via API
- Account Management
MAY.8Release
Copilot code review comment types now in usage metrics API
- Account Management
APR.23Release
Copilot cloud agent fields added to usage metrics
- Account Management
APR.22Improvement
Copilot code review user counts now aggregate in usage metrics API
- Account Management

TOTP codes for 2FA are now single-use

Related Posts

Subscribe to our developer newsletter