GitHub account setup — for non-developers, with 2FA and the right defaults
A clean GitHub account, two-factor authentication, the right visibility defaults, and a brief on what a 'repo' actually is. CW-2 attendees only.
If you've never used GitHub, it can feel like walking into a developer's clubhouse. It's not — it's just file storage with version history and a polite interface. By the end of this guide you'll have a GitHub account set up properly: two-factor authentication enabled, a sensible username, and the right defaults so your CW-2 repository starts private (where you want it) instead of public (which would surprise you later).
What GitHub actually is
GitHub is a website where your code lives. When you make a change, GitHub keeps a snapshot — so you can always go back. When you deploy on Vercel (CW-2's host), Vercel pulls the latest snapshot from GitHub automatically. That's the whole loop you need to understand: you talk to Claude Code → it changes files → those files get snapshotted to GitHub → Vercel rebuilds your site.
You don't need to learn 'Git' (the underlying technology). Claude Code handles all the Git commands for you. What you need is the account, two-factor authentication, and the discipline to keep your repo private until you decide otherwise.
Step-by-step
1.Sign up at github.com/signup
Go to https://github.com/signup. Enter your email, a strong password, and pick a username.
On the username choice: this becomes the URL of your code (e.g. github.com/yourname/yoursite). Pick something professional. Your real name is fine. If your name is taken, append a country code (e.g. haojun-sg) or a number (haojun01 — avoid; it reads as throwaway).
Don't pick a clever handle you'll regret
Your GitHub username appears on every repo URL you'll ever make. 'cryptobruh99' was funny at 22; less funny on a sales page at 35. Pick something you'd be comfortable putting on a name card.
2.Verify your email and prove you're human
GitHub sends a verification email and asks you to solve an Octocat puzzle (rotate the cat to face the right way — five times). It's deliberately annoying so bots can't sign up at scale.
After verification, GitHub asks personalisation questions (programming experience, what brings you to GitHub). Skip these or answer briefly — they don't matter for your CW-2 work.
3.Enable two-factor authentication
GitHub requires 2FA on all accounts by mid-2026. Even if it doesn't force you immediately, set it up now — it takes 3 minutes and saves you from having your account compromised later.
Click your avatar (top-right) → Settings → Password and authentication. Click 'Enable two-factor authentication'.
You have two options: an authenticator app (recommended) or SMS. Use an authenticator app — 1Password, Authy, Google Authenticator, or your phone's built-in (iOS Passwords, Android equivalent) all work.
Save your recovery codes
GitHub gives you 16 single-use recovery codes when you enable 2FA. Print them and put them somewhere physical, or save them in your password manager. If you lose your authenticator and don't have these, GitHub support takes weeks to verify identity. Don't skip this.
The Password and authentication page shows a 'Two-factor authentication' section near the top with a green 'Enable' button. After enabling, it shows your recovery codes — save them.
4.Set your default repository visibility to private
By default, when you create a new repo from the web UI, GitHub asks each time. But from the command line (which Claude Code uses), the default matters.
Settings → Repositories → Repository creation. Set 'Default visibility' to 'Private'. Save.
Now every repo Claude Code creates via gh CLI starts private. You can flip it public later when you're ready.
5.Install the GitHub CLI (`gh`)
On macOS, the cleanest install is via Homebrew. If you don't have Homebrew yet, the gh installer will tell you to install it first.
brew install ghOn Windows?
If you've followed our Windows install guide for Claude Code (you're in WSL2 with Ubuntu), run sudo apt install gh inside WSL. Native Windows: download the installer from https://cli.github.com.
6.Authenticate gh against your account
Once installed, run gh auth login in your terminal and follow the prompts.
- •Pick GitHub.com (not GitHub Enterprise).
- •Pick HTTPS (simpler than SSH for now).
- •Authorize via browser (gh opens it; sign in to GitHub, approve the device code).
gh auth login7.Test that everything works
Run gh auth status to confirm you're logged in. You should see your username and active scopes.
gh auth status
What you don't need to learn
- •Git on the command line (Claude Code handles all the commits and pushes).
- •SSH keys (we use HTTPS auth, which gh handles).
- •Branching, merging, rebasing (you won't need them for CW-2).
- •GitHub Actions, Codespaces, Copilot (out of scope; you'll know enough to enable them later if useful).
Troubleshooting
My preferred username is taken.
Append a clean suffix: -sg, -dev, or your initials. Avoid numbers (looks throwaway) or l33t spellings (dates badly). If your name is very common, consider initials + surname.
I lost my authenticator and don't have recovery codes.
Open a support ticket at https://support.github.com. They'll verify identity via government ID. Takes 2-7 days. Worst case you create a new account; you'll lose access to private repos but nothing critical for CW-2 v1.
gh auth login fails with 'requires interactive prompt'.
You're in a non-interactive shell (some IDE terminals do this). Open Terminal.app (macOS) or PowerShell (Windows) directly and run gh auth login there.
I see 'API rate limit exceeded' errors.
You're not authenticated and gh is using anonymous limits. Run gh auth login first.
Want to do this with us in the room?
Bring your real project to a full-day workshop and leave with it shipped.
See the workshops