Popular code hosting site GitHub has announced that it is taking several new security measures. First, it is setting up its own version of HaveIBeenPwned, which tracks compromised passwords. Users whose login credentials have been stolen will be prompted to update their passwords when logging in.
In addition, the service plans to nag users to keep their two-factor authentication credentials up-to-date. It also made other security recommendations, such as using a hardware U2F key, a password manager and the Recover Accounts Elsewhere feature.