For many developers, GitHub is more than a code hosting platform, it’s a portfolio, collaboration hub, deployment pipeline trigger, and sometimes even a business backbone.
But here’s a serious question:
What would happen if you suddenly lost access to your GitHub account?
Whether it’s due to:
- Forgotten credentials
- 2FA device loss
- Account compromise
- Email access issues
- Suspension or policy violations
The consequences can range from inconvenient to catastrophic.
This guide will walk you through the risks, recovery options, and most importantly, how to prepare before anything goes wrong.
The most effective way to secure your GitHub repositories and work is by creating reliable backups. While you can maintain backups on your local machine, this approach has limitations. Local backups consume storage space, require manual maintenance, and are vulnerable to hardware failure, system corruption, or device loss. If your computer is damaged or stops working, your offline backup may become inaccessible.
Although online backups are generally more reliable than offline storage, many automated GitHub backup services require paid subscriptions. However, there is a free and automated method you can use to back up your GitHub repositories online and it can be used indefinitely without recurring costs.
A Free and Automated Way to Back Up Your GitHub Repositories
Step 1: Create a Fine-Grained Access token in Your Main Account with following steps,
- Goto GitHub account settings then click on developer settings,
- After that you will see one drop down option Personal Access Tokens click on it,
- Now you will see Fine-Grained Tokens click on it and then click on Generate new token.
- Now give this new Token a name like, Backup Token and select expiration to No Expiration
- And also Select Repository access to All repositories
- After that add new permission in Permissions Section as Following
- Contents with Read-Only Access.
- And now click on generate token button and copy the generated token in any Safe Text file for later use.
Step 2: Create a Backup GitHub Account
You can create Backup GitHub Accounts as many as you want, I recommend you create at least 3 backup accounts and follow next steps carefully.
Step 3: Now login to your every backup account and follow these steps,
- First create a private repository name it
backup-runner - Now create a workflow file inside
backup-runnerrepo, name itfull-backup.yml - And now copy this following code inside
full-backup.ymlfile,
name: Full Account Backup
on:
workflow_dispatch:
schedule:
- cron: "0 2 * * *" # daily 2 AM
env:
SOURCE_OWNER: mainAccount # Your Main Account User Name
BACKUP_OWNER: backupAccount # Your Current Backup Account User Name
TOKEN_SRC: ${{ secrets.TOKEN_BACKUP_SRC }}
TOKEN_DST: ${{ secrets.TOKEN_BACKUP_DST }}
jobs:
backup:
runs-on: ubuntu-latest
steps:
- name: Install jq
run: sudo apt-get install -y jq
- name: Fetch all source repositories
run: |
page=1
> repos.txt
API_URL="https://api.github.com/user/repos"
while true; do
resp=$(curl -s -H "Authorization: token $TOKEN_SRC" \
"${API_URL}?per_page=100&page=$page")
# If GitHub returned an error object instead of an array
if echo "$resp" | jq -e 'type=="object" and has("message")' >/dev/null; then
echo "GitHub API error:"
echo "$resp"
exit 1
fi
count=$(echo "$resp" | jq length)
[ "$count" -eq 0 ] && break
echo "$resp" | jq -r '.[].name' >> repos.txt
page=$((page+1))
done
echo "Total repos detected:"
wc -l repos.txt
- name: Configure git
run: |
git config --global user.name "backup-runner"
git config --global user.email "backup@github.com"
- name: Mirror all repositories
run: |
while read repo; do
echo "Backing up $repo"
# Create backup repo if missing
curl -s -o /dev/null -w "%{http_code}" \
-H "Authorization: token $TOKEN_DST" \
https://api.github.com/repos/$BACKUP_OWNER/${repo} \
| grep -q 200 || \
curl -s -X POST \
-H "Authorization: token $TOKEN_DST" \
-H "Content-Type: application/json" \
https://api.github.com/user/repos \
-d "{\"name\":\"${repo}\",\"private\":true}"
# Disable GitHub Actions for the repo
curl -s -X PUT \
-H "Authorization: token $TOKEN_DST" \
-H "Accept: application/vnd.github+json" \
https://api.github.com/repos/$BACKUP_OWNER/${repo}/actions/permissions \
-d '{"enabled":false}'
# Mirror repo
git clone --bare \
https://x-access-token:${TOKEN_SRC}@github.com/${SOURCE_OWNER}/${repo}.git
cd "${repo}.git" || continue
if ! git show-ref --quiet; then
echo "Empty repo detected: $repo"
cd ..
rm -rf "${repo}.git"
continue
fi
# Fetch everything cleanly
git fetch origin --prune --tags
# Push only branches
git push \
https://x-access-token:${TOKEN_DST}@github.com/${BACKUP_OWNER}/${repo}.git \
refs/heads/*:refs/heads/*
# Push tags
git push \
https://x-access-token:${TOKEN_DST}@github.com/${BACKUP_OWNER}/${repo}.git \
--tags
cd ..
rm -rf $repo.git
done < repos.txt- and replace
mainAccountwith your main account user name andbackupAccountwith your current backup account user name.
Step 4: Create a Fine-Grained Access token in Your Current Backup Account with following steps,
- Goto GitHub account settings then click on developer settings,
- After that you will see one drop down option Personal Access Tokens click on it,
- Now you will see Fine-Grained Tokens click on it and then click on Generate new token.
- Now give this new Token a name like, backup-updater and select expiration to No Expiration
- And also Select Repository access to All repositories
- After that add Following permissions in Permissions Section
- Administration with Read and Write access
- Contents with Read and Write access
- Workflows with Read and Write access,
- And now click on generate token button and copy the generated token in any Safe Text file for later use.
Step 5: Now Open Your backup-runner Repository and perform following steps,
- After you opened your backup-runner Repository then click on Settings option
- Now click on Secrets and Variables, then click on Actions
- After that click on New repository secret and create a Secret as Follows,
- Name = TOKEN_BACKUP_SRC
- Secret = your main account Backup Token we created earlier.
- And also create Another Secret as Follows,
- Name = TOKEN_BACKUP_DST
- Secret = your current backup account backup-updater token we created earlier.
Step 6: Now manually trigger Backup runner for testing by following steps.
- First open your backup-runner repository and go to actions tab,
- if you opened this tab first time in this repo, then a confirmation dialog will appear for enabling actions confirm it
- and after that you will see a workflow named Full Account Backup click on it, and trigger Run workflow
- then after successfully Running you will see all your private Repositories is Automatically backed up in your current backup account.