GitHub now supports Web Authentication (WebAuthn). WebAuthn, a WC3 API for accessing public key credentials, is seen by many as the new standard for secure authentication across the web. GitHub has adopted the standard and sees it as an opportunity to include two-factor authentication on GitHub from more browsers and devices than ever before.
WebAuthn opens an unprecedented number of browsers for use with physical security keys on GitHub. Further, users can now use laptops and phones as the security key (no need for a separate physical key). Devices using the following browsers can register the device today: Microsoft Edge on Windows, Chrome on macOS, Chrome on Android. All three installations require the biometric capability to act as a physical key. GitHub will update this list as more browsers and devices start supporting WebAuthn.