1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • GitHub will demand you use a security key if you want to make pro

    From TechnologyDaily@1337:1/100 to All on Fri Aug 13 14:30:03 2021
    GitHub will demand you use a security key if you want to make project changes

    Date:
    Fri, 13 Aug 2021 13:09:26 +0000

    Description:
    It might seem inconvenient, but the move will ensure the sanity of the repositories, GitHub reasons.

    FULL STORY ======================================================================

    GitHub will disable password-only access to developers for conducting any
    Git operations that require authentication.

    In a move first announced in December 2020, the change follows a similar, but limited move the month before in which GitHub, one of the largest public code repositories, deprecated the use of passwords for conducting authenticated
    Git operations via the REST API.

    As previously announced , starting on August 13, 2021, at 09:00 PST, we will no longer accept account passwords when authenticating Git operations on GitHub.com. Instead, token-based authentication (for example, personal
    access, OAuth, SSH Key, or GitHub App installation token) will be required
    for all authenticated Git operations, read the brief announcement. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << Heres our list of the best password managers These are the best identity management services Weve also rounded up the best security keys

    However, the change wouldnt have any impact on the workflow of developers who have enabled two-factor authentication ( 2FA ), since it already meets the requirement of using a token-based on SSH-based authentication. Securing access

    In its earlier post, GitHub recounts the number of security mechanisms the platform has introduced over the years, such as 2FA, sign-in alerts, verified devices, WebAuthn support, and more, to give developers more options to
    secure access to their repositories.

    Explaining the need for phasing out the use of passwords for authentication, GitHub had argued that the move will help save the repositories from unauthorized users who might take advantage of a developers poor password hygiene , such as reusing passwords across multiple websites.

    It reasoned that tokens dont suffer from the same weaknesses as passwords and additionally offer a number of security benefits. For instance, tokens can be scoped to enable limited access, and can be revoked easily as well. Shield yourself with these best identity theft protection services



    ======================================================================
    Link to news story: https://www.techradar.com/news/github-will-demand-you-use-a-security-key-if-yo u-want-to-make-project-changes/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)