publication

Github - User Access Token instead of Passwords

Miquel Canal

Thursday 8, April 2021
  • git
  • Information and Security

Github Authentication: Migrate from Passwords to User Access Token.

In July 2020, Github announced its deprecation of user passwords for all Git operations. From August 13, 2021, Github will no longer accept passwords when authenticating Git operations. Git operations and workflows that will be affected:

Once the GitHub passwords get deprecated, Git operations that use authentication will require the use of token-based (GitHub User Access Token). The motivation behind this decision from GitHub is to increase user’s security from malicious attackers. Of course, SSH keys will still be available if that is your preference.

The main benefits of using GitHub User Access Token are:

  1. Access Tokens are unique and can be generated automatically from GitHub UI.
  2. GitHub User Tokens are revocable, meaning it can be revoked at any time without affecting the login credentials.
  3. GitHub tokens allow to limit the scope of action, ensuring that they give access to required actions only.

How to Create a GitHub User Access Tokens?

GitHub User Tokens can be created from the command line or with the API. These are the easy steps to create a GitHub User Token:

  1. Verify your email account. This is the one associated with your login credentials.
  2. On GitHub UI, click on your profile icon and navigate to Settings.
  3. In the Settings section, navigate to “Developer settings” and then to “Personal access tokens”.
  4. Now click on the “Generate new token” button. You might be prompted to introduce your password.
  5. You must give your token a descriptive name and then select the permission scope. This will allow you to select which actions can be executed using this token.
  6. Finally, click on the “Generate Token” button to create your User Access Token.

It is important to understand that tokens are like passwords. They shouldn’t be shared easily and you must keep them safe. Great power comes with great responsibility.

References

How to change the author of a commit

How to change the author of a commit

4 easy steps to change author name of a commit after push. Learn to use the rebase command and differences between git rebase and git merge.

How to Change Git User Name and Email

How to Change Git User Name and Email

Easy steps to configure a Git repository and change the Git user name and email. A review of git's config object and how to retrieve information from a git repository using the git config command.

GDPR: General Data Protection Regulation

GDPR: General Data Protection Regulation

The basics of the new regulation law for user privacy and information security inside the EU.

This site uses cookies to ensure a great experience. By continue navigating through the site you accept the storage of these cookies.