Ensure GitHub organization security settings require 2FA

Error: GitHub organization security settings does not include 2FA capability
Bridgecrew Policy ID: BC_ORG_GITHUB_1
Checkov Check ID: CKV_GITHUB_1
Severity: HIGH

Description

Organization owners can require organization members, outside collaborators, and billing managers to enable two-factor authentication for their personal accounts, making it harder for malicious actors to access an organization's repositories and settings.

Fix - Buildtime

GitHub

Enforce two-factor authentication:

  1. In the top right corner of GitHub.com, click your profile photo, then click Your organizations.
  2. Next to the organization, click Settings.
  3. In the "Security" section of the sidebar, click Authentication security.
  4. Under "Authentication", select Require two-factor authentication for everyone in your organization, then click Save.
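
To confirm the setting after saving, the following added example (not part of the original page or of Checkov) reads the `two_factor_requirement_enabled` field from GitHub's `GET /orgs/{org}` REST response and treats a missing or null value as unknown rather than as a pass. It assumes the token belongs to an organization owner; the organization names and sample responses are constructed.

```python
import json
import urllib.request

API = "https://api.github.com"


def fetch_org(org, token):
    """GET /orgs/{org}. Assumption: the token belongs to an organization owner."""
    req = urllib.request.Request(
        f"{API}/orgs/{org}",
        headers={
            "Authorization": f"Bearer {token}",
            "Accept": "application/vnd.github+json",
        },
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def evaluate_2fa(org_doc):
    """Return PASSED, FAILED or UNKNOWN for one organization document."""
    value = org_doc.get("two_factor_requirement_enabled")
    if value is True:
        return "PASSED"
    if value is False:
        return "FAILED"
    # Field missing or null: the caller could not see the setting
    # (for example, the token is not an owner's), so do not report a pass.
    return "UNKNOWN"


def audit(docs):
    """Map each organization name to its 2FA enforcement status."""
    return {name: evaluate_2fa(doc) for name, doc in docs.items()}


# Constructed sample responses, trimmed to the fields used here.
SAMPLES = {
    "enforced-org": {"login": "enforced-org", "two_factor_requirement_enabled": True},
    "open-org": {"login": "open-org", "two_factor_requirement_enabled": False},
    "no-visibility-org": {"login": "no-visibility-org"},
    "null-org": {"login": "null-org", "two_factor_requirement_enabled": None},
}

if __name__ == "__main__":
    for name, status in audit(SAMPLES).items():
        print(f"{status:8} {name}")
```

For a live check, pass the result of `fetch_org("<your-org>", token)` to `evaluate_2fa` instead of the constructed samples.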