GitHub about the decision to drop support for password authentication when connecting to Git. Direct Git operations that require authentication will only be possible using SSH keys or tokens (GitHub or OAuth personal tokens). A similar restriction will also apply for REST APIs. The new authentication rules for the API will be applied on November 13th, with Git access tightening planned for the middle of next year. The exception will only be granted to accounts using , which will be able to connect to Git with a password and an optional verification code.
It is assumed that tightening authentication requirements will protect users from compromising their repositories in the event of a leak of user bases or hacking of third-party services on which users used the same passwords from GitHub. Among the advantages of authentication by tokens is the ability to generate separate tokens for specific devices and sessions, support for the withdrawal of compromised tokens without changing credentials, the ability to restrict the access area through a token, and tokens are not subject to brute force determination.
Source: opennet.ru