To save your username and password in Git (for HTTPS repositories), you can use Git’s credential helper system. The methods below range from the recommended secure option to ones you should avoid:
1. Use Git Credential Manager (Secure & Recommended)
Git Credential Manager (GCM) securely stores credentials in your system’s keychain (Windows/Mac/Linux).
Steps:
- Windows/Mac:
Install Git Credential Manager (included with Git for Windows v2.29+ and macOS via Homebrew).
Configure:
git config --global credential.helper manager-core
- Mac (Legacy):
git config --global credential.helper osxkeychain
- Linux (requires libsecret):
git config --global credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret
2. Cache Credentials Temporarily
Store credentials in memory for a set time (e.g., 1 hour):
git config --global credential.helper "cache --timeout=3600"
3. Store Credentials in Plaintext (Not Recommended)
Save credentials permanently in a plaintext file (use only for private machines):
git config --global credential.helper store
Credentials are saved in ~/.git-credentials (Linux/Mac) or %USERPROFILE%\.git-credentials (Windows).
4. Embed Credentials in the Remote URL (Insecure)
Add credentials directly to the repository URL (avoid this: the password is written in plaintext to the repository's .git/config):
git remote set-url origin https://username:password@github.com/user/repo.git
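To check a machine for the plaintext patterns of methods 3 and 4, the following script is an added example, not part of the original guide. Its function names, the REDACTED marker and the audit.sh file name are assumptions of the example, and it only looks at the default ~/.git-credentials path unless another is passed.

```shell
#!/bin/sh
# Added example: audit for the plaintext credential patterns of methods 3 and 4.
# Function names and the REDACTED marker are this example's own choices.

# True if an HTTP(S) URL embeds user:password@ (method 4).
url_has_password() {
  printf '%s\n' "$1" | grep -Eq '^https?://[^/@:]+:[^/@]+@'
}

# Print the URL with the password masked, so findings are safe to log.
redact_url() {
  printf '%s\n' "$1" | sed -E 's#^(https?://[^/@:]+):[^/@]+@#\1:REDACTED@#'
}

# Report remotes of the repository in $1 whose URL embeds a password.
# Returns 1 if any were found, 0 otherwise.
audit_remotes() {
  ar_found=0
  ar_urls=$(git -C "$1" config --get-regexp '^remote\..*\.url$' 2>/dev/null || true)
  while read -r ar_key ar_url; do
    if url_has_password "$ar_url"; then
      echo "embedded password: $ar_key = $(redact_url "$ar_url")"
      ar_found=1
    fi
  done <<EOF
$ar_urls
EOF
  return "$ar_found"
}

# Report the plaintext "store" helper (method 3) and a non-empty credentials
# file; $1 overrides the default path. Returns 1 on any finding.
audit_store() {
  as_file="${1:-$HOME/.git-credentials}"; as_found=0
  as_helpers=$(git config --get-all credential.helper 2>/dev/null || true)
  while read -r as_h; do
    case "$as_h" in
      store|store\ *) echo "plaintext helper configured: $as_h"; as_found=1 ;;
    esac
  done <<EOF
$as_helpers
EOF
  if [ -s "$as_file" ]; then
    echo "plaintext credentials present: $as_file"; as_found=1
    # Characters 5-10 of the ls mode string are the group/other permission bits.
    [ "$(ls -ld "$as_file" | cut -c5-10)" = "------" ] ||
      echo "  readable beyond the owner, fix with: chmod 600 $as_file"
  fi
  return "$as_found"
}

# Usage: sh audit.sh /path/to/repo   (with no argument, only defines functions)
if [ -n "${1:-}" ]; then audit_remotes "$1"; r=$?; audit_store || r=1; exit "$r"; fi
```

A password reported by audit_remotes should be treated as exposed: reset the remote to the URL without credentials, change the password or token, and let a credential helper supply it from then on.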
Security Notes
- Never commit credentials to a repository (use .gitignore to exclude credential files).
- Use SSH keys for better security (replace HTTPS with SSH):
git remote set-url origin git@github.com:user/repo.git
Example Workflow
- Configure Git Credential Manager:
git config --global credential.helper manager-core
- Clone/Push (credentials are saved after the first prompt):
git clone https://github.com/user/repo.git
Troubleshooting
- If using 2FA, replace your password with a GitHub Personal Access Token.
- For SSH, generate an SSH key and add it to your account.
Summary
- Use Git Credential Manager for secure, platform-native storage.
- Avoid plaintext storage unless absolutely necessary.
- Prefer SSH keys for authentication over HTTPS.