Hello there,
The jenkinsci administrators have recently received a message from GitHub, that will enforce 2FA setting for more people. It's not related to our settings but a process GitHub is pushing to enforce better security.
The next wave will be for users who have published at least one release in the past. Also note that the scope will increase over time.
For the jenkinsci organization, ~75% of users in scope have already the 2FA in place.
Best regards,
Wadeck Follonier
Jenkins Security officer