by f1shy 1040 days ago
I really do not understand the policy of GitHub. Before, I could have a 40 char password in my head. Now it MUST be somewhere on my disc. I was totally surprised when I learned it is the only way to log in. Seems a 50 year old idea.
2 comments

And yet the likelihood of you telling someone or typing the contents of this file somewhere you shouldn't is much lower. It's more phishing resistant and is much less likely to be in some leaked password database; that's what GitHub cares about. Targeted attacks on single people don't even move the needle.

Phishing and password stuffing attacks are like 95% of 'hacking' attempts.

And frankly it is very likely that your 40 character password landed in your shell history at least once.

GH also prefixes them and undoubtedly scans for and invalidates them.

I don't think I ever cringe as much as at HN threads with people clamoring for backwards steps for security.

Might want to check out 1Password CLI, which can eliminate the need to store access tokens on disk.
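The shell-history and token-prefix points raised in the thread, as an added example that is not part of any comment above: a small scanner that finds token-shaped strings in history lines and shows why a prefix makes scanning reliable. The function names and sample lines are constructed for illustration, and the pattern assumes the `gh?_` prefix followed by 36 alphanumeric characters.

```python
import re

# Token prefixes and their meaning (assumption: gh?_ followed by 36 alphanumerics).
TOKEN_KINDS = {
    "ghp": "personal access token",
    "gho": "OAuth access token",
    "ghu": "user-to-server token",
    "ghs": "server-to-server token",
    "ghr": "refresh token",
}
PREFIXED = re.compile(r"\b(gh[pousr])_([A-Za-z0-9]{36})\b")
# Unprefixed 40-hex secrets have the same shape as a git commit SHA-1.
LEGACY_SHAPE = re.compile(r"\b[0-9a-f]{40}\b")


def redact(token):
    """Keep the first and last 4 characters so a finding can be triaged without leaking it."""
    return token[:4] + "*" * (len(token) - 8) + token[-4:]


def scan_history(lines):
    """Return (line_no, kind, redacted_value) for every token-shaped string."""
    findings = []
    for no, line in enumerate(lines, start=1):
        for m in PREFIXED.finditer(line):
            findings.append((no, TOKEN_KINDS[m.group(1)], redact(m.group(0))))
        for m in LEGACY_SHAPE.finditer(line):
            findings.append((no, "ambiguous: 40-hex secret or commit SHA", redact(m.group(0))))
    return findings


# Constructed sample data: neither value is a real credential or a real commit.
FAKE_PAT = "ghp_" + "a1B2c3D4e5F6" * 3
FAKE_HEX = "3f" * 20
SAMPLE_HISTORY = [
    "git status",
    f"git clone https://{FAKE_PAT}@github.com/example/repo.git",
    f"git checkout {FAKE_HEX}",      # harmless commit id
    f"export GH_TOKEN={FAKE_HEX}",   # same shape, but used as a secret
]

if __name__ == "__main__":
    for no, kind, value in scan_history(SAMPLE_HISTORY):
        print(f"line {no}: {kind}: {value}")
```

Lines 3 and 4 of the sample get the same "ambiguous" label because an unprefixed 40-hex string cannot be told apart from a commit id by shape alone, while the prefixed token on line 2 is identified with its type and no guesswork.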