How can i properly assign the new token to windows credential ? i did the same thing in macos : put the token in the keychain access and it works, no more filling user/pass manually.
In windows 10 , i followed this link : Support for password authentication was removed. Please use a personal access token instead
at the local pc step:
For Windows OS ⤴ Go to Credential Manager from Control Panel => Windows Credentials => find git:https://github.com => Edit => On Password replace with with your GitHub Personal Access Token => You are Done
If you don’t find git:https://github.com => Click on Add a generic credential => Internet address will be git:https://github.com and you need to type in your username and password will be your GitHub Personal Access Token => Click Ok and you are done
it's all set up but when i do 'git push' or 'fetch' etc. It awalys keep asking for user/passwd again and again. In contrast with what i set in my mac, once it's in the keychain then git will grab that passwd automatically without asking again and again.
It's a simple process.
A) Create a personal-access-token (PAT)
For that, go to github.com/YOUR_USERNAME
(note that the process doesn't work on gist.github.com/YOUR_USERNAME)
go to your profile (the rightmost icon), there click "settings".
In the left sidebar, click "Developer settings".
There, select "Personal Access tokens" => "Tokens (classic)" and click "generate new token (classic)"
In the dialog that opens, input something that identifies the token under notes, e.g. the hostname of your PC
For expiration, set to no expiration (or else have great fun resetting this every year, because you can't expire it after 5 years, only for periods shorter than 1 year or else you need unlimited...)
under selected scope, click the checkbox for "repos", then click "generate token".
This will then display your PAT token (use your eyes).
B) Add the token to your git-settings
Now, on the git command line, issue
Then, you need to add the token:
The token has now been added.
You can now perform
Yupiii !
And the PAT won't require any password.
And congratulations github team, by issuing tokens that don't require a user password, you just ruined ransomeware security.
Therefore, your github-account is now less secure than it was with passwords.
Fortunately, PATs don't require 2FA-authentication, so this effectively cancels any security 2FA-authentication adds... Again, congratulations Microsoft, more stupid really is not possible. I'm still waiting in vain for the ability to disable this highly annoying and from a security-standpoint completely useless lockout-danger-only 2FA-authentication, though.
Dear Microsoft:
Why not just use plain old ssh-keys ?
They require a password to enter every time you want to connect, and that stops ransomware encryption automation. If you don't want to enter a password every time, you can just leave the password blank, so every user can decide what is more important to them.
The only problem is i need to access github over https (because all other ports are blocked) and so I need to use those completely useless and totally insecure PATs.