I keep getting an authentication error when trying to pull or push images to Docker Hub. The error specifically says: Error response from daemon: get unauthorized: incorrect username or password. I am certain my credentials are correct because I can log into the web interface. Is there an issue with using my email address instead of my username, or does Docker now require a Personal Access Token (PAT) for CLI authentication?
3 answers
The most common cause for this error is using your email address as the username in the CLI. Docker Hub's web portal accepts both, but the docker login command strictly requires your Docker ID (username). Additionally, for enhanced security, Docker has moved toward Personal Access Tokens (PAT). If you have Multi-Factor Authentication (MFA) enabled, your standard account password will not work on the command line at all. You must go to your Docker Hub Account Settings, navigate to Security, and generate a new Access Token. Use that token as your password when prompted by the terminal. This is currently the most reliable method to bypass credential mismatch errors and secure your CI/CD pipelines.
I tried using my username instead of email, but I still get the same error. Could it be related to how my credentials are being stored in the config.json file?
You definitely need to use a Personal Access Token instead of your password. Most modern registries are moving away from basic password auth for security reasons.
I agree with Lisa. Switching to a PAT fixed this for my entire team. It’s also much safer because you can revoke the token specifically for that machine without changing your main password.
Brian, that’s a very valid point. Sometimes the ~/.docker/config.json file gets corrupted or holds stale credentials from a previous session. Try running docker logout first to clear the cache, then delete the config.json file if the issue persists before trying to log in again. Also, make sure you aren't running sudo docker login if your user is already in the docker group, as this can create permission conflicts between the root and user-level credential stores.