Best practices for user security

There are steps your users can take to help protect your enterprise.

Requiring a password manager

We strongly recommend requiring your users to install and use a password manager--such as LastPass or 1Password--on any computer they use to connect to your enterprise. Doing so ensures that passwords are stronger and much less likely to be compromised or stolen.

Restrict access to teams and repositories

To limit the potential attack surface in the event of a security breach, we strongly recommend only giving users access to teams and repositories that they absolutely need to do their work. Since members with the Owner role can access all teams and repositories in the organization, we strongly recommend keeping this team as small as possible.

For more information on configuring teams and team permissions, see "Permission levels for an organization repository".

Did this doc help you?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.