Using Git securely

I had a bit of a panic today when I couldn’t “git push” any more.  I was getting authentication errors, even after entering my username and password.  And I use a password manager, so I knew I was getting my password right… unless it wasn’t pasting correctly…?  So I did what any well trained developer does, I Googled about a bit.

Then I stumbled across a thread on StackOverflow, about Two Factor Authentication, and I remembered that I had indeed activated Two Factor Authentication on GitHub.

If you haven’t, go and do it right now!  In GitHub’s own words…

We strongly urge you to turn on 2FA for the safety of your account, not only on GitHub, but on other websites that support it.

So, now that you’ve done that, you may well run into the problem that I did.  You now can’t authenticate on the command line!

Luckily GitHub aren’t stupid and they’ve already thought this through.  And the answer is… Personal Access Tokens.  Once you’ve created one, you then use this as the password when you authenticate on the command line.

Mine must have expired or something, because it suddenly stopped working today.  They’re not necessarily the easiest things to find though.  Go to GitHub and the follow this menu trail…

Profile Pic (top right corner) > Settings > Developer Settings (bottom) > Personal Access Tokens

They’re all links actually, so just click on the last one.  Then you can either click on “Generate New Token”, or if you’re trying to sort out an expired one like me, then find it and click on “Edit”.  Add/update the description, check the boxes for the bits you want to grant access to, and then click “Generate token” at the bottom of the page.  Voilà!

I then went back to the command line, typed “git push” once more, followed by my username and then the access token value when prompted for a password, and job done.

There’s also a helpful article on GitHub help pages which covers this, if you know what you’re looking for.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.