You are not alone when it comes to inadvertently locking up your GitHub account. With Facebook's help, here comes one solution to this kind of problem - the new Account Recovery Elsewhere feature.
Secured websites like Facebook usually require people to sign up and log in to their own accounts for them to utilize the site to its full potential. GitHub is no different, being a secured website that requires people to have an account before making use of its project management platform and other features. That being said, it is very important to access an account both easily and securely - even more, if that account is regularly paid for - via a two-factor authentication, be it through mobile or desktop.
However, losing access to your GitHub account because of this is another story. This may be due to a number of reasons such as (1) forgetting your U2F key, (2) not authenticating it on another device before getting a new one, or (3) losing the ability to use another device for authenticating without any data backup. Thus, Account Recovery Elsewhere permits access to a GitHub account via a linked Facebook account, as posted on GitHub Engineering.
This new feature is simply an alternate method to prove ownership of a GitHub account, which is needed to disable the two-factor authentication and fully recover it. According to Tom's Hardware, this system was based on Facebook Security Engineer Brad Hill's DAR or Delegated Account Recovery protocol to ensure that users would never lose access to their GitHub account permanently. Further detailed on the same publication, there are five steps to using Account Recovery Elsewhere.
First, store a Facebook token on Security Settings. Then, confirm that this token will be stored. Next, get locked out from the account. And then, contact GitHub Support. Lastly, recover the account by logging in to Facebook and using the GitHub plug-in from its Security Settings.