Git password authentication deprecated #23219
-
Since using my GitHub password to push commits is deprecated (Token authentication requirements for Git operations - The GitHub Blog), what is the optimal command line workflow now? One of the recommended ways is to use a personal access token, but do I need to copy the generated token somewhere (since it is hidden in my GitHub profile after I generate it) and use it whenever I authenticate my password on a system?
-
reikdas:
Yes, you’ll need the token where you previously typed your password. I recommend keeping the token(s) in a password manager that stores them in encrypted form.
reikdas:
The memory cache described there keeps your password or token in RAM for a limited time; it’s not meant to store it permanently.
-
airtower-luna:
Is there a way to keep the token cached for a longer time period?
-
The documentation you linked (Caching your GitHub credentials in Git) describes how to change the timeout, but the RAM cache will never exist past something like a reboot. That’s a security feature. For long term storage, use a password manager (I like KeePassXC, personally). Technically Git also has the “store” credential helper, but note the warning there:
Which means in most cases it’s a bad idea, maybe with the exception of a machine that you use exclusively (NEVER anyone else) and that uses strong full-disk encryption.
-
airtower-luna:
I am not a fan of password managers, so I am trying to avoid going down that route.
airtower-luna:
I am the exclusive user of my computer, but I am not very comfortable with having the token lie around on my system in cleartext (but this is what I am opting for till I figure out a permanent solution to this - Thanks!). Is using ssh the only alternative left? I imagine that would allow me to enter my “GitHub” password once and not have to re-enter my password for that particular session?
-
reikdas:
That’s exactly why I recommend a password manager. Not the kind that uploads everything, the good kind that stores your passwords in encrypted form. 😉
reikdas:
SSH works only with public key authentication. You can store the key in encrypted form (similar to using a password manager) or unencrypted (similar to leaving the token on disk).
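The trade-off discussed in this thread (the RAM cache versus the cleartext file of the “store” helper), as an added example that is not from any poster or from Git itself: a Python check that reports which credential helpers a home directory configures and whether a `.git-credentials` file holds cleartext secrets readable by other accounts. The gitconfig parser is simplified, and `sample_home` with its placeholder token is constructed for the demonstration.

```python
import os, re, stat, tempfile

# What each helper named in the thread does with the secret (wording is this example's own).
HELPER_NOTES = {
    "cache": "kept in RAM only; gone after the timeout or a reboot",
    "store": "written to disk unencrypted; file permissions are the only protection",
}

def configured_helpers(gitconfig_text):
    """Simplified parser: collect credential.helper values from gitconfig text."""
    helpers, in_credential = [], False
    for raw in gitconfig_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_credential = line.lower().startswith("[credential")
        elif in_credential and (m := re.match(r"helper\s*=\s*(.*)$", line, re.I)):
            value = m.group(1).strip()
            # An empty value resets the helper list, as Git itself does.
            helpers = helpers + [value] if value else []
    return helpers

def audit_home(home):
    """Return (subject, finding) tuples for the Git credential setup under home."""
    findings = []
    cfg = os.path.join(home, ".gitconfig")
    if os.path.isfile(cfg):
        with open(cfg) as fh:
            for helper in configured_helpers(fh.read()):
                note = HELPER_NOTES.get(helper.split()[0], "external helper; check where it keeps secrets")
                findings.append((f"helper {helper}", note))
    store = os.path.join(home, ".git-credentials")  # default file of the "store" helper
    if os.path.isfile(store):
        with open(store) as fh:
            count = sum(1 for l in fh if re.match(r"https?://[^/@:]+:[^@]+@", l))
        findings.append((".git-credentials", f"{count} credential(s) in cleartext"))
        if stat.S_IMODE(os.stat(store).st_mode) & 0o077:
            findings.append((".git-credentials", "readable by other local accounts"))
    return findings

def sample_home(mode=0o644):
    """Build a constructed home directory; the token is a placeholder, not a real one."""
    home = tempfile.mkdtemp()
    with open(os.path.join(home, ".gitconfig"), "w") as fh:
        fh.write("[user]\n\tname = Example\n[credential]\n\thelper = cache --timeout=3600\n\thelper = store\n")
    path = os.path.join(home, ".git-credentials")
    with open(path, "w") as fh:
        fh.write("https://example-user:PLACEHOLDER_TOKEN@github.com\n")
    os.chmod(path, mode)
    return home
```

Calling `audit_home(os.path.expanduser("~"))` runs the same check against a real home directory; `audit_home(sample_home())` runs it against the constructed one.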