In the ongoing effort to keep our users safe, we recently took inspiration from the Unix
sudo command. We wanted to require password confirmation for dangerous actions on GitHub.com, but we didn’t want to force you to be constantly entering your password.
Dangerous actions (e.g. adding email addresses or public keys) will now require password confirmation. If you’re deep in the zone and you’re doing a lot of these dangerous actions, we’ll only ask you to re-authenticate every few hours.
With this balance of security and convenience, we help you keep your account safe, without getting in your way. Feedback is always welcome. Enjoy!