An Interest In:
Web News this Week
- April 1, 2024
- March 31, 2024
- March 30, 2024
- March 29, 2024
- March 28, 2024
- March 27, 2024
- March 26, 2024
Some of Our Sources
- Slashdot
- Techcrunch
- Joshua Blankenship
- The Logo Smith
- TutsPlus - Design
- You The Designer
- Fuel Your Creativity
- Inspiredology
- Freelance Switch
- Willems Lab
Help Webnuz
Referal links:
Secure your GitHub Personal Access Tokens with an Expiration Date
GitHub has just introduced the ability to set an optional expiration date on personal access tokens (PATs). Users are now able to choose an expiration from a set of preset values, or specify a custom expiration date using a calendar drop-down.
Let's take a look at this new feature!
Video
As usual, if you are a visual learner, or simply prefer to watch and listen instead of reading, here you have the video with the whole explanation and demo, which to be fair is much more complete than this post.
Link to the video: https://youtu.be/f7t7cJp2v00
If you rather prefer reading, well... let's just continue :)
The Problem
Personal Access Tokens, or PATs, provide users with a quick way to create OAuth access tokens which they can use instead of passwords to make API calls or use services.
However, until now PATs didn't offer an expiration option, meaning they exist until they are manually disabled. Long-lived tokens can create large security implications if they leak.
Now this new optional expiration date increases both user's and organization's ability to secure how their data is accessed.
Set the Expiration Date
To set the expiration date to a PAT just go to the PAT creation, under Your Profile > Settings > Developer Setting > Personal Access Tokens, and in here after clicking on the "Generate new token" button you'll have, among the other things, the new "Expiration" drop down.
Here you can select any of the pre-defined options, between 7 and 90 days, or insert a custom expiration date.
There is still the possibility to have non-expiring tokens, as you can see, but it is highly not recommended since, as I've mentioned before, that could represent a security issue in case the tokens leak.
It is also possible to update existing tokens, adding the expiration date... however, that requires the re-generation of the token key.
Conclusions
Let me know in the comment section below what do you think about this feature. And if you are new to Personal Access Tokens in GitHub, I highly encourage you to checkout this post or this video where I explain everything you need to know about them.
Like, share and follow me for more content:
YouTube
Buy me a coffee
Patreon
CoderDave.io Website
Merch
Facebook page
GitHub
Twitter
LinkedIn
Podcast
Original Link: https://dev.to/github/secure-your-github-personal-access-tokens-with-an-expiration-date-5cl
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To