Since August 13, 2021 GitHub is no longer allowing users to access repositories with username/password authentication. This will affect users accesing github repositories from command line clients.
You will need to create a Personal Access Token (PAT) if you wish to continue accessing your repositories from the command line.
Instructions for how to create a PAT can be found on GitHub. It's a simple process and at the time of this writing it consists on going to your profile's Developer Settings at Your Github profile -> Settings -> Developer Settings
(click on your profile picture to find the link to Your GitHub profile
).
When creating yor access token for accessing your repositories it is better if you set an expiration date*.
After you generate your new PAT you will use your username as usual, but instead of the password you will use your new access token. However, if you are using macOS, you might wonder how can you tell git to stop using your old credentials when trying to clone repositories or add remotes.
As detailed here, you will need to run the following command and enter the specified text, then hit the <return>
key:
$ git credential-osxkeychain erase
host=github.com
protocol=https
> [Press Return]
After you do this you will be asked your credentials the next time you try to do an operation against a GitHub repository.
* Some security tips:
- Don't ever use personal access tokens without an expiration date.
- You may even set it to 6-months or a year in the future to avoid the inconvenience of doing this a lot, but this is much better than not setting an expiration.
- Also, don't write down your token. Create a new one every time you need to access GitHub from any other client.
- Finally, if you are reading this, it means you don't have 2-factor authentication setup on your account. It is highly recommended that you setup 2-factor authentication on your account to prevent unauthorized access, otherwise all the trouble of usings PATs and setting expiration dates, and not writting your passwords might be of little value since your actual main credentials are not properly protected.↩