GitHub also stated that the usage of two-factor authentication (2FA) for login and package publishing on NPM will be made simpler, in addition to the possibility to link Twitter and GitHub accounts as an authentication mechanism.
According to the blog post, NPM previously trialed the usage of improved 2FA logins in a public beta version, but after receiving community input, concluded that some features should be modified to be more user-friendly. This includes the addition of a “remember me for 5 minutes” option, allowing users who successfully authenticated to suppress 2FA prompts for a limited time.
