Ensure the organization requires members to use Multi-Factor Authentication (MFA)

By default, every user authenticates within the system by password only. If a user's password is compromised, the user account and every repository to which they have access are in danger of data loss, malicious code commits, and data theft. It is recommended that each user has Multi-Factor Authentication enabled. MFA adds a layer of protection to ensure the account remains secure even if the user's password is compromised.

Risk Level: high
Platform: GitHub
Spectral Rule ID: GH-HRD038

REMEDIATION

Set 'Two-factor authentication'.

SaaS:

  1. Go to https://github.com/organizations/<YOUR_ORGANIZATION_NAME>/settings/security.
  2. Go to the section 'Two-factor authentication'.
  3. Mark checkbox 'Require two-factor authentication for everyone in your organization'.
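
To confirm the setting after applying it, the check below evaluates the responses of GitHub's REST endpoints GET /orgs/{org} and GET /orgs/{org}/members?filter=2fa_disabled. It is an added example, not part of the original rule or the scanner's own code. The organization name, logins and sample JSON are constructed, and both endpoints return this data only to a token that belongs to an organization owner.

```python
import json
import urllib.request

API = "https://api.github.com"

def fetch(path, token):
    """GET one GitHub REST API path and return the decoded JSON body."""
    req = urllib.request.Request(API + path, headers={
        "Authorization": f"Bearer {token}",
        "Accept": "application/vnd.github+json",
    })
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def fetch_members_without_2fa(org_name, token):
    """Page through the members that have no second factor configured."""
    members, page = [], 1
    while True:
        batch = fetch(f"/orgs/{org_name}/members"
                      f"?filter=2fa_disabled&per_page=100&page={page}", token)
        if not batch:
            return members
        members += batch
        page += 1

def audit_2fa(org, members_without_2fa):
    """Classify the organization object returned by GET /orgs/{org}."""
    required = org.get("two_factor_requirement_enabled")
    if required is None:
        # Field missing or null: the token is not an owner's, so the
        # setting cannot be read. Report that instead of assuming a pass.
        status = "UNKNOWN"
    else:
        status = "PASS" if required else "FAIL"
    return {
        "org": org.get("login"),
        "status": status,
        # Accounts to contact before the requirement is switched on.
        "members_without_2fa": sorted(m["login"] for m in members_without_2fa),
    }

# Constructed sample responses, so the check runs offline.
SAMPLE_ORG = json.loads(
    '{"login": "example-org", "two_factor_requirement_enabled": false}')
SAMPLE_MEMBERS = json.loads('[{"login": "bob"}, {"login": "alice"}]')

if __name__ == "__main__":
    print(audit_2fa(SAMPLE_ORG, SAMPLE_MEMBERS))
```

For a live check, pass `fetch(f"/orgs/{name}", token)` and `fetch_members_without_2fa(name, token)` to `audit_2fa` instead of the sample data.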

Read more: