jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity

Users should also review their oauth apps when recovering a compromised account (#54870)

Browse Source
This commit is contained in:
Greg Ose
2025-03-18 22:25:52 -05:00
committed by GitHub
parent 3e0479467e
commit 147bef3a54
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/authentication/keeping-your-account-and-data-secure/preventing-unauthorized-access.md
View File

@@ -21,7 +21,7 @@ After changing your password, you should perform these actions to make sure that
* Enable two-factor authentication on your account so that access requires more than just a password. For more information, see [AUTOTITLE](/authentication/securing-your-account-with-two-factor-authentication-2fa/about-two-factor-authentication).
{%- ifversion passkeys %}
* Add a passkey to your account to enable a secure, passwordless login. Passkeys are phishing-resistant, and they don't require memorization or active management. See [AUTOTITLE](/authentication/authenticating-with-a-passkey/about-passkeys).{% endif %}
* Review your SSH keys, deploy keys, and authorized integrations and revoke unauthorized or unfamiliar access in your SSH and Applications settings. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys), [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys), and [AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations).
* Review your SSH keys, deploy keys, and authorized OAuth apps and GitHub Apps and revoke unauthorized or unfamiliar access in your SSH and Applications settings. For more information, see [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys), [AUTOTITLE](/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys), [AUTOTITLE](/apps/oauth-apps/using-oauth-apps/reviewing-your-authorized-oauth-apps), and [AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations).
{% ifversion fpt or ghec %}
* Verify all your email addresses. If an attacker added their email address to your account, it could allow them to force an unintended password reset. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address).
{% endif %}