Cannot commit from command line using github 2FA

Question

I can't commit to my repos using username/pass with git via the command line now that I've got 2FA enabled on my account.

I have a "user access token" but I really, really hate it. So now I can only commit when I have this super long string copied into my clipboard, and if anyone sees that string or somehow gains access to my clipboard or I paste it somewhere by mistake or I put it in a file and the file is accessed the attacker can just wreck havoc on my repos?

I really don't understand how this is more secure than remembering a 12 digit random number/letter/symbol password that is not written down anywhere. I must be doing something wrong or misunderstanding how to use this personal access token. What am I doing wrong?

Answer 1

First, you can cache that token: see:

• "Is there a way to skip password typing when using https:// github"
  (I use the credential helper netrc both on Ubuntu, Red Hat and Windows)
• "Configure Git clients, like GitHub for Windows, to not ask for authentication".

Second, the main difference between a (shorter) account password and a token is:

• you can revoke a token (and keep your password)
• you can have multiple tokens (which can be created for a limited use or time, and then revoked)