All users need to setup 2 Factor Authentication 2FA

[tjmcmahon]

Everyone on GitHub needs to setup 2FA as soon as possible. If we don't set up 2FA for the organization github will delete us. Once I setup 2FA for the organization and you haven't setup 2FA for yourself you will be deleted from the organization.

Log into your account and click the icon in the upper right corner.
Click on settings.
Click on Password and Authentication
There are several methods you can use for 2FA (txt msg, Authenticator App, etc...)
Choose one of the methods and get yourself setup.

Please take care of this ASAP so we can get our organization into compliance.

[mgrinzPlayer]

from email they sent you:
Enrolling in 2FA is easy, and we accept several options including TOTP mobile apps, text messages (SMS), security keys, and GitHub Mobile.
They also provide this doc: https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication#configuring-two-factor-authentication-using-a-totp-mobile-app

That statement from email is slightly misleading. You can also use any TOTP desktop application. That TOTP application can be on totally offline machine, only requirement: current date and time must be set. Time difference must be not be bigger than 1.5 minutes, I would suggest not bigger than 60 seconds.

As of writing this, GitHub uses 30 seconds periods, and accepts codes generated in:

• currentTime-90seconds (this is 90 seconds old code, 120 seconds and older will fail)
• currentTime-60seconds
• currentTime-30seconds
• currentTime
• currentTime+30seconds
• currentTime+60seconds
• currentTime+90seconds

Your machine time, machine with executed TOTP application, doesn't have to be perfectly synchronized.