Provide one time tokens for HTTPS clones when 2FA is enabled
Problem to solve
Often I have to clone private repositories on different virtual machines and because I do not want to copy my private SSH key to all these machines, I choose to clone the repository using HTTPs. But doing a simple username+password authentication doesn't work then, either, because 2FA is enabled in my account. So I have to go to my account settings, generate a new Access Token, copy it over into the VM to clone the repo, and then delete it again. It's not really worth saving the token somewhere safe for re-use and I cannot retrieve existing tokens when re-visiting the account settings later on. But doing this procedure every time for every clone is just a pain.
Intended users
- Delaney (Development Team Lead)
- Sasha (Software Developer)
- Sidney (Systems Administrator)
- Sam (Security Analyst)
Proposal
One possible solution to make this process way easier would be a button in the clone dropdown (below the SSH and HTTPS clone URLs) that enables the user to copy a one-time (or time-limited) access token to the clipboard that maybe even can only be used to clone the current repository. This token can then be simply pasted into the terminal when git asks for the password for the HTTPS repository cloning.
Permissions and Security
As far as I know, this would not require any more permissions than the user already has.