In order to prevent a situation where individuals might experience disruption because they still use a username and password to authenticate Git operations, GitHub urges them to take the following measures:
For developers, if you are using a password to authenticate Git operations with GitHub.com today, you must begin using personal access token over HTTPS (recommended) or SSH key by August 13, 2021, to avoid disruption. If you receive a warning that you are using an outdated third-party integration, you should update your client to the latest version.
In order to make sure that you’re no longer using password-based authentication, you can enable two-factor authentication, which requires OAuth or personal access tokens for all authenticated operations via Git and third-party integrations.
It’s important to know that you will not be affected by this change if :
You have two-factor authentication enabled for your GitHub account. In this case, you are already required to use token- or SSH-based authentication.
You use GitHub Enterprise Server, there were no changes announced for it.
You keep using a GitHub App, GitHub Apps do not tolerate password authentication.
The new change is meant to add an extra layer of protection for GitHub accounts against cyberattacks conducted by threat actors who might try to use stolen credentials.
As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.