To contribute to a git repository, Git asks your username and password. Passing the credential every time could be hectic for us. Git has a credentials system to solve this. Git provides credential helpers to save the credentials more securely.
Git has a few options provided in the box:
1. The default is not to cache at all. Every connection will prompt you for your username and password.
2. Cache: credentials stored in memory for short durations.
3. Store: credentials stored indefinitely on disk.
4. If you’re using a Mac, Git comes with an “osxkeychain” mode. This method stores the credentials on disk, and they never expire, but they’re encrypted with the same system that stores HTTPS certificates and Safari auto-fills.
Git Config
Git comes with a tool called git config that lets you get and set configuration variables that control all aspects of how Git looks and operates. To list the content of git config file, Use below command.
> git config --global --listTo check, which credential helper is currently being used in your git config file, execute the below command along with "--system", "--global" or "--local" flag as per requirement.
> git config --system credential.helper
To unset it, use below -
> git config --system --unset credential.helperCredential Helper: Cache
The “cache” mode keeps credentials in memory for a certain period of time. None of the passwords are ever stored on disk.
We can provide a timeout argument when configuring the cache credential helper. This allows us to control how long the credentials remain in memory. By default, Git will cache your password for 15 minutes.
> git config credential.helper 'cache --timeout=<seconds>'Credential Helper: Store
This credential helper stores the creds in a file. The downside of this approach is that your passwords are stored in cleartext in a plain file in your home directory (by default in "~/.git-credentials" file).
To store the creds in a file, run the first command to enable credentials storage and then run the second command to save the credentials in a file non-interactively.
Otherwise, When credentials storage is enabled, the first time you pull or push from the remote Git repository, you will be asked for a username and password, and they will be saved in "~/.git-credentials file", If you don't specify the file name.
Enable credential storage using either of the command below -
> git config --global credential.helper store
> git config --global credential.helper 'store --file=~/.gitcreds'
Save the credentials non-interactively in PowerShell - > "https://USERNAME:PAT@github.com" | Out-File "~/.git-credentials"Credential Helper: Manager
To store the credentials in windows credential manager, set the credential helper as "manager" in your git config file.
You can use "--system" flag to set it for system level git config file, "--global" for global level and "--local" for project specific git config.
> git config --global credential.helper managerAfter this, The first time you pull or push from the remote Git repository, you will be asked for a username and password, and they will be saved in windows credential manager and will be used in future as well.