GitHub has added support for securing Git Git operations using FIDO2 security keys for added protection from account takeover attempts. GitHub has also announced in December that it will switch to token-based authentication starting with August 2021, when account passwords will no longer be accepted for authenticating Git operations. Researchers at North Carolina State University found that more than 100,000 GitHub repositories have leaked API tokens and cryptographic (SSH and TLS) keys after scanning roughly 13% of GitHub’s public repositories over almost six months.
Source: https://www.bleepingcomputer.com/news/security/github-now-supports-security-keys-when-using-git-over-ssh/