Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Are GitHub creds any harder for malware to steal than NPM creds? I don't see how that helps at all.


well, if you talk about private SSH keys for Git operations and SSH/GPG keys for signing, then you'd better set up a passphrase on them, which GitHub strongly recommends. the passphrase will make it significantly harder to use the keys. so, as usual, It Depends (c)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: