Best practices for private and professional accounts #22335
-
Hello, I searched for a while now but found no clear answer. My question is now if this can also be enforced by the company. Even if there is no access to repos anymore it may become a problem if someone commits suspicious code under your company domain. Any hints how to handle this? Malte |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments
-
I don’t exactly get your question, but can provide you with the following information: You can associate as much mail addresses to your GitHub account as you want. If you go trough a verification process, you can also verify your linked mail addresses. That is a good thing, because I can make a commit using Git with your mail address right know. But since your mail address is tied to your account, the contribution is yours. You can always add or remove mail addresses to your account. A company can not enforce mail address removal from an account they don’t have the credentials of. And yes, you should use a seperate account for work/private. More information: https://help.github.com/articles/about-commit-email-addresses/ If you have any more questions, I’d be happy to hear. |
Beta Was this translation helpful? Give feedback.
-
Hi Mark, thank you for your help. My question was how to claim a domain (for mails) from a company perspective. Let’s use this example:
I think this is a “edge case” and I hope never to come into this situation. Nevertheless it would be quite important to know. Because of this I’m searching for an option to “whitelist” the usage of this (mail)domain only for active colleagues.Also a second user would not help on this issue, why the question would be even more interesting. Are there any hints how to work with this? Or just accept the risk? Many thanks Malte |
Beta Was this translation helpful? Give feedback.
-
From a management perspective, I would do the following:
At this point, publicly, the account has no relation to your company except the mail address. But that only indicates to users that this person ever had access to that mail address and doesn’t prove much. I wouldn’t be bothered by it. However, if you are paranoid enough for it, you can just buy a cheap domain like fkdjslkdjfklsdjf.com and let your employees use that domain as a commit mail address. As for creating multiple accounts - I don’t think I would be a big fan of letting users use their personal accounts at work, but on the other hand it isn’t that big of a deal either. Just as with the mail addresses, just make sure to remove employees that have left the company from the GitHub organization. |
Beta Was this translation helpful? Give feedback.
-
Hey Mark, thanks a lot for you answer. These helps me a lot. :slight_smile: Many regards Malte |
Beta Was this translation helpful? Give feedback.
From a management perspective, I would do the following:
At this point, publicly, the account has no relation to your company except the mail address. But that only indicates to use…