I've been trying to learn open-source by contributing to a repo, but when I was trying to push by coding git push --set-upstream origin The-path-to-your-dreams
it said I needed to put in my username and password. After putting my GitHub username I tried to put in the password, but it wouldn't let me type.
When I entered the code anyways it told me I needed authentication which I assume means I need the right password. Is the cause of the problem
CodePudding user response:
You cannot use password to authenticate anymore since August 13, 2021 as mentioned in the error message, you should use a Personal Access Token instead
See similar problem in the link below, it includes steps on how to get and use the personal access token Message "Support for password authentication was removed. Please use a personal access token instead."
CodePudding user response:
GitHub no longer lets you use a password to authenticate and requires the use of a personal access token or some other type of token. You can generate a personal access token in the settings and as long as you provide the repo
scope, you should be able to fetch and push normally.
When you're prompted for your password in the terminal, specify your token instead. Note that in the terminal, typically there is no echo, not even of asterisks, and therefore there won't be any indication that your token has been pasted correctly until you hit Enter and it's submitted.
GitHub doesn't allow passwords here or for the API because many people choose poor passwords, and if someone's password is compromised, they can do a lot of damage. Even if you don't care if your account is compromised, compromised accounts can be used in corporate exfiltration, spam, and abuse, and therefore GitHub cares very much about having secure accounts to maintain a healthy platform. By restricting passwords to only the web interface, it reduces the scope of automated password guessing attacks, since Git and API access are expected to allow high-volume automated access, but the login form is not. The tokens that GitHub creates contain at least 128 bits of entropy from a CSPRNG and therefore are functionally unguessable.