Skip to main content

Creating a strong password

Secure your account on GitHub.com with a strong and unique password using a password manager.

You must choose or generate a password for your account on GitHub.com that is at least:

  • Eight characters long, if it includes a number and a lowercase letter, or
  • 15 characters long with any combination of characters

To keep your account secure, we recommend you follow these best practices:

  • Use a password manager, such as LastPass or 1Password, to generate a password of at least 15 characters.

  • Generate a unique password for GitHub Enterprise Cloud. If you use your GitHub Enterprise Cloud password elsewhere and that service is compromised, then attackers or other malicious actors could use that information to access your account on GitHub.com.

  • Configure two-factor authentication for your personal account. For more information, see "About two-factor authentication."

  • Never share your password, even with a potential collaborator. Each person should use their own personal account on GitHub Enterprise Cloud. For more information on ways to collaborate, see: "Inviting collaborators to a personal repository," "About collaborative development models," or "Collaborating with groups in organizations."

    Al escribir una contraseña para iniciar sesión, crear una cuenta o cambiar la contraseña, GitHub Enterprise Cloud comprobará si la contraseña que ha escrito se considera débil según los conjuntos de datos como HaveIBeenPwned. La contraseña se puede considerar débil, incluso si no la usaste nunca antes.

GitHub Enterprise Cloud solo inspecciona la contraseña cuando la escribes, pero nunca almacena la contraseña que ingresaste como texto simple. Para más información, vea HaveIBeenPwned.

You can only use your password to log on to GitHub Enterprise Cloud using your browser. When you authenticate to GitHub Enterprise Cloud with other means, such as the command line or API, you should use other credentials. For more information, see "About authentication to GitHub."

When Git prompts you for your password, enter your personal access token. Alternatively, you can use a credential helper like Git Credential Manager. Password-based authentication for Git has been removed in favor of more secure authentication methods. For more information, see "Creating a personal access token."

Further reading