Last week, GitHub announced a new application for macOS that emulates a FIDO U2F Security Key. If you install this application and configure it, you can log into GitHub with 2FA without SMS. This is fantastic. Not only is it more convenient, but more importantly, it’s more secure because it removes carrier social engineering shenanigans from entering the picture whatsoever.
My only complaint is this: I have Do Not Disturb scheduled from 3:00 AM to 2:59 AM (i.e. perpetually). GitHub’s app shows an alert with a clickable button, but that alert doesn’t appear when Do Not Disturb is enabled. I have to temporarily disable it in order to authorize the emulator. Fortunately this is just two clicks though so it’s not that big a deal.