It Is a Good Thing to be Scared When It Comes to Security

While at a software security training, I realized that when it comes to security, nothing is more important than being scared. It is good thing to be scared. Every day when we work on our feature, we focus on what makes our customer happy, the product great, and finally releasing on schedule. Security is not the top priority in our mind. Making a software secure is not fun, doesn't shine like that fancy new capability, and a lot of time it is a boring task. However, the fear of a hacker that can ruin your work and bring it down is a good motivation.

Learning about different threats, I could feel the fear building in me and eventually transferred to a sense of urgency and a motivation to learn more and take action. I think every engineer should take couple of hours every week and read about security incidents. Nothing can keep you more alert than stories of companies that got hacked and critical business data that got compromised. The devastating effect that these security incidents have on companies and individual's life is enough to keep you awake at nights. It is a good inconvenience to have, and a lot better than having your system compromised.

How to clean up your git credintials on windows (i.e. Credential stored by wincred)

One problem that I noticed with wincert is that after I changed my password, it doesn't ask me for new password. It tries the old password and if it fails it returns. My expectation was that if the password fails, it prompts for a new password and replaces the old password after successful attempt.  However, it doesn't do this. You have to manually do the following

1- Go to Credential Manager Win key -> and search for it
2- Click on windows credentials
3- Remove the address that starts with git:http...

This should solve your problem. :)