Tried to sync some changes to my Trello repository on Github but got prompted for my credentials. I remembered activating two-factor authentication (2FA) just recent. Would I be prompted for the one-time-password (OTP)? No, a 401 unauthorized was the answer.

A quick google search learned me what I expected; create a token for the dumb older application. This can be done on https://github.com/settings/tokens. Leave the defaults for Visual Studio 2013 to commit and pull changes.

After you generate the token copy-and-past it into the credential dialog. Check the Remember my credentials or save the token somewhere because after you leave the page there is no way to retrieve the token itself. You can regenerate the token, but this means the old token is no longer valid. Other operations are updating the permissions or deleting the token.

Two-step authentication is becoming the standard. Tools like 1Password and Google Authenticator offer the one-time-passwords. Fallback to tokens is only temporary until all tools adapt to this new way of security.

References

Github and Visual Studio and two factor authentication</a [blogpost]
1Password, password manager with OTP
Google Authenticator, google implementation for OTP