Git Error

Git Error "remote Invalid username or password"

This article introduces how to handle the remote Invalid username or password・fatal Authentication failed error when trying to push a repository to a remote like GitHub using git. The latter part also covers how to create an access token on GitHub.

Shou Arisaka
3 min read
Nov 23, 2025

Image

When performing git push in a git project, you may encounter the following error.

$ git push -u origin main
remote: Invalid username or password.
fatal: Authentication failed for 'https://github.com/user/repo.git/'

This error mainly occurs when the access token obtained from GitHub is invalid. Common examples include when you’ve obtained an access token from GitHub and saved it to a file (.git-credentials), but the access token has expired (the default is 3 months), or when the credential has timed out (typically about one hour).

In the latter case, if the access token itself is still usable, the following command should allow you to git push again.

git config --global credential.helper 'cache --timeout=3600'
# or 
git config --global credential.helper 'store'

In the former case, since the access token has expired, you need to create a new access token on GitHub.

The following introduces the procedure for creating an access token on GitHub.

Navigate to the following page.

GitHub Apps

Go to “Personal access tokens” and click generate new token Select the necessary permissions and complete the creation. In my case, I clicked repo (repository) to enable repository-related work including git push.

Image

Image

When the access token creation is complete, you’ll be taken to a page like the following. The string starting with “ghp_” is the token. Copy and paste this as the password when prompted for password during git push to GitHub, instead of your GitHub password.

Image

Without any configuration, you’ll be required to enter the password (access token) every time you git push. This reduces work efficiency, so cache or save the access token to a file for a certain period as follows.

  • The former cache method is safer, but the latter file storage method is more insecure. Specifically, for example, malicious Node.js npm modules/libraries might be able to access the access token.

To save to cache:

In the following command example, the timeout is set to 3600 seconds, one hour. This means that after entering the access token on the first git push and it’s cached, you can git push and use git commands for one hour without re-entering the access token.

git config --global credential.helper 'cache --timeout=3600'

To save to file

git config --global credential.helper 'store'

When saved to file, unless settings are changed, the token data is saved to the following file path.

~/.git-credentials

You can output the saved token data with the following command.

cat ~/.git-credentials

Reference:

Creating a personal access token - GitHub Docs

Share this article

Shou Arisaka Nov 23, 2025

🔗 Copy Links