I've been forced by github to enable 2FA with the following banner:
GitHub users are now required to enable two-factor authentication as an additional security measure. Your activity on GitHub includes you in this requirement. You will need to enable two-factor authentication on your account before October 12, 2023, or be restricted from account actions.
Fortunately, i managed to make the switch using the FLOSS oathtool, a non-bloated CLI program written in C.
Once you click the "Enable 2FA" button, github presents you a barcode and a link to uncover the embedded "setup key". All you really need is the setup key, which as it turns out is Base32-encoded. The next step is to enter a 6-digit code supplied by the TOTP app. Here it is extremely important that your system clock is correct, best to sync with NTP directly before use.