The removal of password authentication support by GitHub on August 13, 2021, was a bit of an overreaction. But it’s not hard to make a GitHub personal access token and use it instead. Just make the personal access token on GitHub and put it in when Git asks for your password.
Follow the guide on how to get your GitHub Access Token in this article!
Table of Content
Things You Should Know About GitHub Access Token
- Personal access tokens are an alternative to passwords for GitHub Enterprise Server authentication when utilizing the GitHub API or command line.
- Personal access tokens are used to gain access to GitHub resources on your behalf.
How to Get GitHub Access Token
Follow these steps to create a personal access token on GitHub:
- Log in to the administrative console online.
- Click the “Settings” link under your GitHub user profile (not the repository profile).
- Scroll down and select “Developer Settings.”
- Click the “Personal access tokens” link on GitHub.
- If necessary, click the “Generate new token” link and enter your password again.
- In the “Note” field, give the GitHub personal access token a name.
- Set the expiration timeout of the access token to “No expiration.”
- To grant your GitHub token full repository access, check the box next to each permission scope.
- Click the “Generate token” button.
- Copy the GitHub Personal Access Token and use it as your Git push password.
GitHub Personal Access Token Functions
Your password is replaced by the GitHub personal access token. When you do something in Git that needs credentials, like a “push,” you will be asked for your username and password.
- Simply enter the name of your GitHub account as the username.
- Enter your GitHub personal access token as the password.
How to Use GitHub Access Token to Push
When you first push to GitHub, you are prompted for your username and password.
- To upload your files to GitHub, all you have to do is enter your GitHub username and access token.
- Your old credentials may be stored in the Windows Credentials Manager if you use Windows.
- Open this service, search for, and delete the web credential used by Git. Then, perform a new GitHub push.
- The new token will be saved by Windows the next time you perform a push with a GitHub personal access token.
- You won’t have to remember the GitHub token’s value for future Git push operations.
Tips
Two types of personal access tokens are currently supported by GitHub: fine-grained personal access tokens and personal access tokens (classic). Whenever possible, GitHub recommends using fine-grained personal access tokens instead of personal access tokens (classic). Fine-grained personal access tokens offer several security benefits over traditional personal access tokens:
- Each token is limited to accessing the resources of a single user or organization.
- Each token is restricted to specific repository access.
- Each token is granted granular permissions that provide more granular control than personal access tokens (classic).
- Each token must be equipped with an expiration date.
- Organization owners can require approval for any personal access tokens with fine-grained access to organization resources.
