As NPM has shown us all having a token on our machines can be a major security vulnerability to the platform. And further I now have to put this authentication token or my ssh private key (both of which should be private things) onto some shared severs and machines in order to be able to push changes from them. In the blog post there was zero reasons given for the decision apart from them saying it will have minimal impact on automated build systems and people who use other Microsoft products (VSCode, GitHub Desktop, etc.).
It seems Microsoft has made it intentionally difficult to provide feedback on their blog posts and I’ve seen nothing but negative responses to this decision on twitter so from this experience it seems to me that Microsoft really does not care about the GitHub community. Genuinely considering moving to one of the many other git hosting websites that actually cares about it’s users.
Using a authentication token generated by github might be painless for automated systems but for normal humans it’s a lot of steps to do something as simple as log in, especially when nearly every other platform treats it’s users like humans, allowing them to simply log in as needed