This might be stupid question. But I could't find anything about this by search. Maybe, this is stupid question.

I've stored my codes in github.

2 hours ago, I want update my codes in repository, but my local doesn't have that code. So I cloned it, modified codes, and pushed it. At this time, git prompt me to type user name of github and password. I typed it and code updated.

After that, I read my codes in "OTHER" repository. And I found something needed to modify, too. So I cloned that repository to my local computer, modified codes, and pushed it.

But... at this time, git does not prompt message to input user name and password of github.

Huh? Is this mean that anyone cloned my codes in github could also push to my github repository? This is very dangerous situation, isn't it?

So I tested with creating new repository in github. I cloned this new repository to my local, made some change, and pushed it. But git does not prompt message to type user name and password, too.

So, my question is,

1. Does the first pushing save github login information in my local computer, and use it after other push? Then, where it is?
2. What is the github repository's default security setting? I didn't register SSH key of this local computer to github account. It seems irrational to anyone push to my repository with master branch, without any requirement of authentication.

Below is my commands when doing above works.

$git init
$git clone https://github.com/[user name]/[repository name].git
<some change>
$git add *
$git commit -m "change"
$git remote add origin https://github.com/[user name]/[repository name].git
$git push origin master

Added information. For more details, I captured my github setting pages.

This might help.. https://help.github.com/articles/caching-your-github-password-in-git/

Git by default saves your passwd in cache for 15 min.

You can manually unset credential.helper by running below command.

git config --global --unset credential.helper

use --global or --local or --system as per your needs.

Then pushing in github will ask for username and password.

If you are on windows one other way to do this is as below but note that it will again save your credentials if you use credential.helper with git.

Go to control panel -> Credential Manager -> Windows Credentials and remove your git credential entry/entries.

For Mac users password can be clear by running below command :

git credential-osxkeychain erase
host=github.com
protocol=https

Problem: When pushing to the remote git will report: remote: Permission to [your/repo] denied to user [bob]

The username in the store may be wrong. Powershell this:

cd c:\Program Files\Git\mingw64\libexec\git-core;

git-credential-manager.exe remove [bob];

git push origin [your branch];

you should now be prompted for credentials.

In Linux check

cat /home/<MyUser>/.git-credentials

As fas as I understand, there are several ways to checkout using git.

Specifically, using http protocol (that uses name/password) and using ssh (that uses ssh public/private key pair)

It seems you are using ssh, so private/public key pair is used for authorization