High-impact package maintainers now require 2FA

Starting today, two-factor authentication (2FA) will be enforced for maintainers of all high-impact npm packages. A package is marked as a high impact package when they have more than 1 million weekly downloads or have more than 500 dependents. Maintainers of such packages will be notified 15 days in advance to enroll for 2FA.

To learn more about configuring 2FA, see Configuring two-factor authentication.
To learn more about 2FA in general, see About two-factor authentication.
For questions and comments, open a discussion in our feedback repository.

JUN.15Improvement
Copilot usage metrics now include more of your active users
- Account Management
JUN.10Improvement
Enterprises can now create up to 500 cost centers
- Account Management
JUN.4Release
Budget and usage management APIs now generally available
- Account Management
MAY.29Improvement
Copilot usage metrics API adds cohorts for AI adoption
- Account Management
MAY.20Improvement
Copilot usage metrics reports now use GitHub-owned download URLs
- Account Management
MAY.14Release
Team-level Copilot usage metrics now available via API
- Account Management
MAY.8Release
Copilot code review comment types now in usage metrics API
- Account Management
APR.23Release
Copilot cloud agent fields added to usage metrics
- Account Management
APR.22Improvement
Copilot code review user counts now aggregate in usage metrics API
- Account Management

High-impact package maintainers now require 2FA

Related Posts

Subscribe to our developer newsletter