I don't use OTP 2FA if U2F is available. Adding a physical token to a password manager is not an option.
Part of the problem is that GitHub is both a source code repository frontend (calling for tighter security) and a social network (calling for minimal security). So the cookie expiration policy makes sense for the former case but not the latter. A compromise might be letting the user mark a specific browser instance as trusted, so that the site can either set a longer expiration or else not ask for the second factor from that instance.
Anyway, was hoping someone had figured out which cookie held GitHub's token and knew a browser extension that could extend its lifetime. Not really looking to learn about password managers, which I already use.
Part of the problem is that GitHub is both a source code repository frontend (calling for tighter security) and a social network (calling for minimal security). So the cookie expiration policy makes sense for the former case but not the latter. A compromise might be letting the user mark a specific browser instance as trusted, so that the site can either set a longer expiration or else not ask for the second factor from that instance.
Anyway, was hoping someone had figured out which cookie held GitHub's token and knew a browser extension that could extend its lifetime. Not really looking to learn about password managers, which I already use.