Dealing With GitHub Password Authentication Deprecation

Don’t wait until the last day to update your GitHub authentication method

As  GitHub announced in December 2020, it will no longer accept account passwords to authenticate Git operations beginning on August 13, 2021. In other words, password authentication has been depreca1. Personal Access Token Authentication

First, let’s delve into PATs (Personal Access Tokens). Then, you will see how to configure PAT-based authentication for your GitHub repositories. A proper PAT is characterized by the following four features:

  1. Unique: It is distinctive to GitHub and can be generated per device or usage.
  2. Revocable: It can be individually revoked at any time without needing to update any credentials.
  3. Limited: It is narrowly scoped by definition and provides access only to a limited set of operations.
  4. Random:Unlike passwords, it is not subject to dictionary or brute force attacks.

Please note that you should treat PATs like passwords. Keep them secret and use them as environment variables instead of hard-coding them into your applications.

Now, let’s see how to change your GitHub remote authentication from password to Personal Access Token.

  1. Verify your email address.
  2. In the top right corner of any GitHub page, click on your profile photo and then on “Settings.”

ted and will no longer work.

It will be replaced by either of the two following methods:

  1. Personal Access Token Authentication
  2. SSH Key Authentication

Let’s see what you need to do to avoid authentication problems and adopt one of the two proposed solutions.

#security #github #cybersecurity #programming #sofware-development

Dealing With GitHub Password Authentication Deprecation