My employer, Okta, has recently been making security improvements to how we access all sorts of internal systems. As part of that hardening, we’ve been disallowed from using SSH keys and long-lived GitHub tokens to access our code on GitHub. In place of that, we’ve now got an internal tool that grants us short-lived tokens on demand, after SSOing (through Okta of course). This is a good idea even if it adds a little friction, and means that if you gain access to my machine somehow you won...
