From: M Hickford <mirth.hickford@gmail.com>
To: git@vger.kernel.org
Cc: "peff@peff.net" <peff@peff.net>
Subject: The enduring popularity of git-credential-store
Date: Tue, 8 Nov 2022 10:50:33 +0000 [thread overview]
Message-ID: <CAGJzqskRYN49SeS8kSEN5-vbB_Jt1QvAV9QhS6zNuKh0u8wxPQ@mail.gmail.com> (raw)
Among StackOverflow users [1], git-credential-store appears several
times more popular than any other credential helper. Does this make
anyone else uneasy? The docs warn that git-credential-store "stores
your passwords unencrypted on disk" [2]. Are users sacrificing
security for convenience?
Firstly, how grave is storing credentials in plaintext? Software
development guidelines such as CWE discourage storing credentials in
plaintext [3]. Password managers in desktop environments, mobile
operating systems and web browsers typically encrypt passwords on disk
and guard them behind a master password.
Secondly, the docs recommend git-credential-cache [2] which ships with
Git and is equally easy to configure. So why isn't it more popular? My
hypothesis: while caching works great for passwords typed from memory,
the combination of caching with personal access tokens has poor
usability. The unmemorised token is lost when the cache expires, so
the user has to generate a new token every session. I suspect GitHub's
2021 decision to stop accepting passwords [4] may have inadvertently
pushed users from 'cache' to 'store'.
Thirdly, why doesn't everyone use SSH keys? Unlike HTTP remotes,
upfront set-up is necessary to clone a public repo. For users
unfamiliar with SSH, this set-up may be intimidating. Introducing
users new to Git to SSH at the same time is a significant cognitive
load.
Any ideas how to improve the security of the average Git user?
[1] https://stackoverflow.com/questions/35942754/how-can-i-save-username-and-password-in-git
probably as good a survey of non-expert users as we can get
[2] https://git-scm.com/docs/git-credential-store
[3] https://cwe.mitre.org/data/definitions/256.html
[4] https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/
[5] https://lore.kernel.org/git/20111210103444.GL16529@sigill.intra.peff.net/t/#u
discussion at introduction of store helper
next reply other threads:[~2022-11-08 10:51 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-08 10:50 M Hickford [this message]
2022-11-08 12:00 ` The enduring popularity of git-credential-store Michal Suchánek
2022-11-08 15:41 ` Jeff King
2022-11-08 21:03 ` Taylor Blau
2023-02-11 7:11 ` M Hickford
2022-11-08 22:52 ` brian m. carlson
2022-11-12 2:30 ` M Hickford
2022-11-17 17:17 ` Matthew John Cheetham
2022-11-17 18:51 ` Jeff King
2022-11-17 19:29 ` Lessley Dennington
2022-11-17 20:43 ` Jeff King
2023-05-29 9:53 ` M Hickford
2023-05-28 19:33 ` M Hickford
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGJzqskRYN49SeS8kSEN5-vbB_Jt1QvAV9QhS6zNuKh0u8wxPQ@mail.gmail.com \
--to=mirth.hickford@gmail.com \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).