As GitHub announced in December 2020, it will no longer accept account passwords to authenticate Git operations beginning on August 13, 2021. In other words, password authentication has been deprecated and will no longer work.
It will be replaced by either of the two following methods:
Let’s see what you need to do to avoid authentication problems and adopt one of the two proposed solutions.
1. Personal Access Token Authentication
First, let’s delve into PATs (Personal Access Tokens). Then, you will see how to configure PAT-based authentication for your GitHub repositories. A proper PAT is characterized by the following four features:
- Unique: It is distinctive to GitHub and can be generated per device or usage.
- Revocable: It can be individually revoked at any time without needing to update any credentials.
- Limited: It is narrowly scoped by definition and provides access only to a limited set of operations.
- Random: Unlike passwords, it is not subject to dictionary or brute force attacks.
Please note that you should treat PATs like passwords. Keep them secret and use them as environment variables instead of hard-coding them into your applications.
Now, let’s see how to change your GitHub remote authentication from password to Personal Access Token.
- Verify your email address.
- In the top right corner of any GitHub page, click on your profile photo and then on “Settings.”
3. In the left sidebar of the “Settings” page, click on “Developer settings.”
4. In the left sidebar of the “Developer settings” page, click on “Personal access tokens.”
5. Click on “Generate new token.”
6. Give your token a name and select the scopes and permissions you would like to grant to it. Please note that if you want to use your token to access repositories from the command line, you have to select the “repo” option.
7. Click on the “Generate token” button and then insert your password as requested by GitHub.
8. Copy the token to your clipboard and store it in a safe place. Keep in mind that after leaving this page, for security reasons, you will not be able to see the token again.
After defining a valid PAT, you can use it instead of your password when performing Git operations over HTTPS.
For example, on the command line, you would enter the following:
git clone https://github.com/<USERNAME>/<REPO>.git Username: your_username Password: your_token
Plus, you can update your remote locally. First, remove your old remote by launching git remote remove origin
(assuming your remote is called origin
). Then, add it again in the following format:
git remote add origin git@github.com:<USERNAME>/<REPO>.git
Et voilà! You will no longer need to use your GitHub account password when performing Git operations. This way, you will avoid problems when it stops working.
2. SSH Key Authentication
Let’s see a step-by-step guide on how to change your GitHub remote authentication from password to SSH key.
- Generate an SSH key if you do not have one yet.
- Copy your SSH public key to your clipboard. You should be able to locate it in the hidden
.ssh
folder (C:\Users\<USERNAME>\.ssh
if you are a Windows user). Move there, open the.pub
file, and copy its content while being careful not to add newlines or whitespace. - In the top right corner of any GitHub page, click on your profile photo and then on “Settings.”
4. In the left sidebar of the “Settings” page, click on “SSH and GPG keys.”
5. Click on the “New SSH key” button.
6. Give your SSH key a descriptive title and paste what you copied during step 2 in the “Key” text area.
7. Click on the “Add SSH key” button and then insert your password as requested by GitHub.
To test that everything went as expected, launch the following command:
ssh -T git@github.com
You should receive this message:
Hi <USERNAME> ! You've successfully authenticated, but GitHub does not provide shell access.
Now, all you have to do is update your remote locally. First, remove your old remote by launching git remote remove origin
(assuming your remote is called origin
). Then, add it again in the following format:git remote add origin git@github.com:<USERNAME>/<REPO>.git
Et voilà! When trying to perform a Git operation related to your GitHub account, your SSH private key passphrase will now be requested instead of your account password.
Conclusion
GitHub password-based authentication has been deprecated and will soon no longer work. Starting August 13, if you want to perform a Git operation on your GitHub repositories, you will be using one of two methods that will replace it. Setting up Personal Access Token authentication or SSH Key authentication is not a complex task, and this article aimed to explain how to do just that.
Thanks for reading! I hope that you found this article helpful.