@@ -78,7 +78,7 @@ Once you have an account, there are several authentication methods you can choos
Here are 3 methods of authentication compared to help weigh security and usability.
Spoiler: The recommended method is [authentication with a (personal) access token](#authentication-with-access-token) as soon as the functions in the browser are no longer sufficient for you.
- By [HRZ identifier and password](#authentication-with-access-token).
- By [JLU credentials (identifier and password)](#authentication-with-jlu-credentials).
- By [(personal) access token](#authentication-with-access-token).
- By [SSH key](#authentication-with-ssh-key).
...
...
@@ -113,7 +113,7 @@ Note that if you enable 2FA for [Git-over-HTTPS](#how-connect-to-jlu-gitlab), yo
An *access token* is a string of random characters, generated by JLU GitLab, with associated permissions that you can use in place of your JLU credentials.
Using access tokens requires a [connection via HTTPS](#how-to-connect-to-jlu-gitlab).
__Advantages__ of this method include the separation of your sensitive HRZ credentials and the flexibility of permissions by purpose.
__Advantages__ of this method include the separation of your sensitive JLU credentials and the flexibility of permissions by purpose.
These can limit the damage in the event of theft, loss, or user error.
The __disadvantages__ are the required setup and familiarization, which should be simplified by the following help texts for [creating](#creating-a-personal-access-token) and [securely storing and using](#securely-storing-and-using-access-tokens)(personal) access tokens.