Hacker News new | past | comments | ask | show | jobs | submit login

1. Stop using 'git add .' This is a bad habit I see people keep suggesting to new git users. Stop recommending it and stop doing it.

2. Never store your password in .git/config. Why are you doing that? That shouldn't be stored in .git/config.

Why are people using passwords instead of keys?

"Stupid corporate firewall blocks SSH connections" would be my guess.

Why do people even have passwords that don't require 2FA?

Maybe I misunderstood something, but I read the text as people (or .. services like the three doing the announcement) offering URLs containing an access token?

As in https://example.com/mlindner/project1/821372asd1786d21das or something?

If you use this approach to manage access to a repository, then .. that gets stored in the .git/config. No need to store a password or something.

(Then again, maybe I didn't understand the explanation correctly?)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact