I've moved all our company Git repositories to GitHub and now I want to add employees to the projects. Since most employees already have personal GitHub accounts, I'm wondering whether I should ask them to create a work GitHub account. The reason that I'm thinking of doing this is to decrease the chances of unauthorized access to our code base since their personal accounts may be well publicized through their personal activity on the site, increasing chances of targeted attacks. Furthermore, if their personal account is ever compromised it won't mean the whole company code is accessible to the hijacker. Since this will bring the burden of maintaining two accounts for the employees I'm wondering whether it is the correct approach and whether it even makes sense. I would love to hear your opinions on this.
Update
Thanks for all the useful insights. I won't set an answer as accepted because of the subjective nature of the question/answers and since I took the best points from several different answers.
I have decided to go forward this way: I will remind employees that work-related GitHub e-mail notifications will have to be sent to their work e-mail accounts for practical reasons. Therefore it would make more sense to create work GitHub accounts. If they are willing to use their personal GitHub accounts and connect it to their work e-mail accounts then that's fine. In any case, employees will have to agree in written form to a number of conditions tied to using GitHub. These are related to account security: choosing a secure password using a secure random password generator that is not used with any other account, not accessing GitHub through computers not owned or administered by them, etc. At the end of the day employees will have to decide themselves whether a work account makes more sense for them or not.
Best Answer
If there was a benefit, it would merely be painful. But nothing sucks worse than painful and pointless. Just have the single personal account. Two reasons:
Github has incredibly good access control in their organizations. If an employee leaves, you can instantly remove their access. If they had a company account, you'd have to reclaim the account somehow to get the stated benefits. In practice, you'd probably just remove the account access, same as if they had a personal account.
Having more than one account is painful. Logging in and logging out between accounts hurts, and adding comments, following, and all the social stuff when you use different accounts.
References: I make a CI server that has GitHub integration, so I have about a lot of test accounts, and I've talked to customers with all sorts of weird configurations, including separate work accounts and personal accounts. It always leads to trouble.