How to correctly use GitHub's authentication token?

Question

When I pushed to my repository using the bash terminal, GitHub sent me an email:

[GitHub] Deprecation Notice
Hi,

You recently used a password to access the repository at with git using git/.

Basic authentication using a password to Git is deprecated and will soon no longer work. Visit https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information around suggested workarounds and removal dates.

Thanks, The GitHub Team

So I tried figuring out how to use the auth token, but this, this and this page didn't really help.

Once I generate a token that looks like this, ff35995a9624470a855520c573972d2f1812843, I understand that I'm supposed to be able to do a git push --all, then type my username and enter the token to be able to authenticate.
But this would mean that I need to store this token in plain text or in some password manager. That just seems wrong. Or is my understanding of this whole process flawed?

How do I securely use this token instead of a password? I remember SourceTree had something that I think was a provision for storing such a token, but how would one do it via the Linux terminal securely?

Answer 1

Effectively, your password is replaced by a "personal access token", which is just another sort of password. Instructions for how to generate it are here. It's completely random so it is impossible to remember. Cool. Save it in place of your password in a password manager so you can use it when necessary, or there are other solutions such as caching.

See the bottom of this help page you will see it is used in exactly the same way as a password along with your original username. Also you might need to switch your repository from ssh to html.

More stackoverflow answers are here Authenticate with GitHub using a token