GitHub recommended selecting strong, unique passwords, but also advised turning on two-factor authentication. GitHub supports a mobile-phone based authentication app to generate one-time login codes as well as SMS text messages delivering single-use codes. A few months ago, GitHub added support for YubiKey for users who prefer hardware-based authentication.
With so much exposed password data, it's easy for criminals to test stolen credentials against other sites. There is no safe way to reuse passwords. Turn on two-factor authentication wherever possible and use password managers to help generate and store strong and complex passwords.
Sign up for CIO Asia eNewsletters.