Token authentication requirements for managing organisations in github? #23414
-
OK, so I’ve been notified of the fact that password-based access to Git is ending:
Token authentication requirements for Git operations | The GitHub BlogBeginning August 13th, 2021, we will no longer accept account passwords when authenticating Git operations on GitHub.com and will instead require token-based authentication (for example, a personal access, OAuth, or GitHub App installation token) for... but what’s happening regarding managing organisations and members’ access rights, etc.? Currently if I want to change stuff in the github organisations I own, Github prompts me for a password. What’s going to happen in future? This doesn’t seem to be covered by any of the details on how to set up personal access tokens, because e.g. this page: doesn’t talk about managing stuff in Github via the browser, it appears to be just about Github access via the command line. Thanks |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
The language used in these blog posts is a little confusing. A “Git operation” refers to an activity performed against github.com as a git server and not an activity performed on the website. For example, The GitHub website already takes advantage of improved security because GitHub control it end to end, so the changes described in these blog posts will not impact the GitHub website, only the git server and the GitHub API. Hopefully future announcements from GitHub will mention this nuance :slight_smile: So in summary, this does not have any impact on managing repository access rights etc. – you will continue to use your password as-is. |
Beta Was this translation helpful? Give feedback.
-
Great! Thanks very much for a comprehensive and comprehensible answer. Louise |
Beta Was this translation helpful? Give feedback.
The language used in these blog posts is a little confusing. A “Git operation” refers to an activity performed against github.com as a git server and not an activity performed on the website. For example,
git push
is an authenticated Git operation: today you cangit push
to github.com with a GitHub username and password but from August 2021 you will need to use a username and token.The GitHub website already takes advantage of improved security because GitHub control it end to end, so the changes described in these blog posts will not impact the GitHub website, only the git server and the GitHub API. Hopefully future announcements from GitHub will mention this nuance :slight_smile:
So in…