Johannes Schindelin <Johannes.Schindelin@xxxxxx> writes: > It would be different, of course, if http.emptyAuth would *not* allow the > user to type their credentials when accessing something like > https://github.com/dscho/shhh-secret-repository, *only* trying the login > credentials. But that is not the case, with http.emptyAuth=true, login > credentials are attempted first, and when they fail, the user is still > asked interactively for their credentials. > > All I can see is that this would be *an improvement*: corporate users > trying to access a Git repository that requires their login credentials > would now not even need to enter empty user name/password. Yup, my thought process after seeing your first message to David exactly mirrored the above two paragraphs. It sounds like you two have a good plan ;-) Thanks. > This alone would be already a good reason to change the default, IMHO. > > So here is my plan: > > - change the default of http.emptyAuth to true in the next Git for Windows > version > > - publish a prerelease for early adopters to test > > - contribute this patch here on the Git mailing list, in the hope that it > will make it into the next major version > > Ciao, > Dscho