Skip to main content
我们经常发布文档更新,此页面的翻译可能仍在进行中。有关最新信息,请访问英文文档。如果此页面上的翻译有问题,请告诉我们
Enterprise Server 3.1
简体中文
� 
Authentication
Enterprise Server 3.1
简体中文

� 

此版本的 GitHub Enterprise 已停止服务 2022-06-03. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持

Configuring two-factor authentication

本文内容

You can choose among multiple options to add a second source of authentication to your account.

You can configure two-factor authentication using a mobile app. You can also add a security key.

We strongly recommend using a time-based one-time password (TOTP) application to configure 2FA. TOTP apps support the secure backup of your authentication codes in the cloud and can be restored if you lose access to your device.

Warning:

  • If you're a member or outside collaborator to a private repository of an organization that requires two-factor authentication, you must leave the organization before you can disable 2FA on 您的 GitHub Enterprise Server 实例.
  • If you disable 2FA, you will automatically lose access to the organization and any private forks you have of the organization's private repositories. To regain access to the organization and your forks, re-enable two-factor authentication and contact an organization owner.

Configuring two-factor authentication using a TOTP mobile app

A time-based one-time password (TOTP) application automatically generates an authentication code that changes after a certain period of time. We recommend using cloud-based TOTP apps such as:

Tip: To configure authentication via TOTP on multiple devices, during setup, scan the QR code using each device at the same time. If 2FA is already enabled and you want to add another device, you must re-configure 2FA from your security settings.

  1. Download a TOTP app.

  2. 在任何页面的右上角,单击您的个人资料照片,然后单击 Settings(设置)

    用户� �中的 Settings 图� �

  3. 在左侧边� �中,单击 Account security(帐户安全)Personal account security settings

  4. 在“Two-factor authentication(双重身份验证)”下,单击 Enable two-factor authentication(启用双重身份验证)启用双重身份验证选项

  5. On the Two-factor authentication page, click Set up using an app.

  6. Save your recovery codes in a safe place. Your recovery codes can help you get back into your account if you lose access.

    • To save your recovery codes on your device, click Download.
    • To save a hard copy of your recovery codes, click Print.
    • To copy your recovery codes for storage in a password manager, click Copy. List of recovery codes with option to download, print, or copy the codes

  7. After saving your two-factor recovery codes, click Next.

  8. On the Two-factor authentication page, do one of the following:

    • Scan the QR code with your mobile device's app. After scanning, the app displays a six-digit code that you can enter on GitHub Enterprise Server.
    • If you can't scan the QR code, click enter this text code to see a code you can copy and manually enter on GitHub Enterprise Server instead. Click enter this code

  9. The TOTP mobile application saves your account on 您的 GitHub Enterprise Server 实例 and generates a new authentication code every few seconds. On GitHub Enterprise Server, on the 2FA page, type the code and click Enable. TOTP Enable field

  10. 在保存恢复代� �并启用 2FA 后,建议注销并重新登录您的帐户。 如有问题,例如忘记密� �或输错电子邮件地址, 您可以使用恢复� �访问您的帐户并更正问题。

Configuring two-factor authentication using a security key

配置 2FA 后,使用基于时间的一次性密� � (TOTP) 移动应用,您可以添� 安全密钥,如指纹读取器或 Windows Hello。 启用安全密钥身份验证的技术称为 WebAuthn。 WebAuthn 是 U2F 的继承者,适用于所有现代浏览器。 更多信息请参阅“WebAuthn”和“我可以使用”。

On most devices and browsers, you can use a physical security key over USB or NFC. Some browsers can use the fingerprint reader, facial recognition, or password/PIN on your device as a security key.

Authentication with a security key is secondary to authentication with a TOTP application. If you lose your security key, you'll still be able to use your phone's code to sign in.

  1. You must have already configured 2FA via a TOTP mobile app.

  2. Ensure that you have a WebAuthn compatible security key inserted into your computer.

  3. 在任何页面的右上角,单击您的个人资料照片,然后单击 Settings(设置)

    用户� �中的 Settings 图� �

  4. 在左侧边� �中,单击 Account security(帐户安全)Personal account security settings

  5. Next to "Security keys", click Add. Add security keys option

  6. Under "Security keys", click Register new security key. Registering a new security key

  7. Type a nickname for the security key, then click Add. Providing a nickname for a security key

  8. Activate your security key, following your security key's documentation. Prompt for a security key

  9. Confirm that you've downloaded and can access your recovery codes. If you haven't already, or if you'd like to generate another set of codes, download your codes and save them in a safe place. If you lose access to your account, you can use your recovery codes to get back into your account. For more information, see "Recovering your account if you lose your 2FA credentials." Download recovery codes button

  10. 在保存恢复代� �并启用 2FA 后,建议注销并重新登录您的帐户。 如有问题,例如忘记密� �或输错电子邮件地址, 您可以使用恢复� �访问您的帐户并更正问题。

Further reading