I have been using GitHub with my students in college and post graduation.
The fact is that I share code and ask for assignments to be delivered all by GitHub.
But now GitHub asked me to create a “personal access tokens” to be used instead of my password. I save the provided key in a local text file because nobody can know it by hart, this is the first big security issue!
The thing is, by Eclipse UI or git command line I need to copy and past the key, and so, my students will see my key and moreover it is recorded on video too!!!
I really prefer to use the standard password to work in my classes.
My workaround now is to do not user Github!