Skip to main content

Updating your GitHub access credentials

GitHub Enterprise Cloud credentials include not only your password, but also the access tokens, SSH keys, and application API tokens you use to communicate with GitHub Enterprise Cloud. Should you have the need, you can reset all of these access credentials yourself.

Requesting a new password

  1. To request a new password, visit

  2. Enter the email address associated with your account on, then click Send password reset email. The email will be sent to the backup email address if you have one configured. Password reset email request dialog

  3. We'll email you a link that will allow you to reset your password. You must click on this link within 3 hours of receiving the email. If you didn't receive an email from us, make sure to check your spam folder.

  4. If you have enabled two-factor authentication, you will be prompted for your 2FA credentials:

    • If you have GitHub Mobile, you will be sent a push notification to verify your identity. Open the push notification or the GitHub Mobile app and enter the two-digit code shown to you on the password reset page in your browser. Two-factor GitHub Mobile authentication prompt

      • To skip using GitHub Mobile to verify, click Enter two-factor authentication or recovery code. Two-factor GitHub Mobile authentication prompt on GitHub Enterprise Cloud with "Enter two-factor authentication or recovery code" highlighted
    • Type your authentication code or one of your recovery codes and click Verify. Two-factor authentication prompt

      • If you have added a security key to your account, click Use security key instead of typing an authentication code.

      • If you have set up GitHub Mobile, click Authenticate with GitHub Mobile instead.

  5. Type a new password, confirm your new password, and click Change password. For help creating a strong password, see "Creating a strong password." Password recovery box

To avoid losing your password in the future, we suggest using a secure password manager, like LastPass or 1Password.

Changing an existing password

在输入密码进行登录、创建帐户或更改密码时,GitHub Enterprise Cloud 将根据 HaveIBeenPwned 等资料集检查你输入的密码是否被视为弱密码。 即使是以前从未用过的密码,也可能被视为弱密码。

GitHub Enterprise Cloud 仅在您输入密码时检查密码,绝不会以纯文本存储您输入的密码。 有关详细信息,请参阅 HaveIBeenPwned

  1. Sign in to GitHub Enterprise Cloud.

  2. 在任何页面的右上角,单击个人资料照片,然后单击“设置”。

    用户栏中的 Settings 图标

  3. In the "Access" section of the sidebar, click Password and authentication.

  4. Under "Change password", type your old password, a strong new password, and confirm your new password. For help creating a strong password, see "Creating a strong password"

  5. Click Update password.

For greater security, enable two-factor authentication in addition to changing your password. See About two-factor authentication for more details.

Updating your access tokens

See "Reviewing your authorized integrations" for instructions on reviewing and deleting access tokens. To generate new access tokens, see "Creating a personal access token."

If you have reset your account password and would also like to trigger a sign-out from the GitHub Mobile app, you can revoke your authorization of the "GitHub iOS" or "GitHub Android" OAuth App. This will sign out all instances of the GitHub Mobile app associated with your account. For additional information, see "Reviewing your authorized integrations."

Updating your SSH keys

See "Reviewing your SSH keys" for instructions on reviewing and deleting SSH keys. To generate and add new SSH keys, see "Generating an SSH key."

Resetting API tokens

If you have any applications registered with GitHub Enterprise Cloud, you'll want to reset their OAuth tokens. For more information, see the "Reset an authorization" endpoint.

Preventing unauthorized access

For more tips on securing your account and preventing unauthorized access, see "Preventing unauthorized access."