GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, we help protect users from data leaks and fraud associated with exposed data.
We have partnered with redirect.pizza, a domain redirection service, to scan for their API tokens and help secure our mutual users. Their API keys allow users to create, update, and delete redirects. We'll forward API tokens found in public repositories to redirect.pizza, who will notify the user by email and automatically revoke the token. More information about redirect.pizza’s API tokens can be found here.
GitHub Advanced Security customers can also scan for redirect.pizza API keys and block them from entering their private and public repositories via secret scanning’s push protection feature.
Achievements celebrate specific events and actions that happen on GitHub. They will appear as small badges listed in the sidebar of your profile and are in Public Beta starting today. Check out the blog post to learn more.
To stop private contributions from counting toward your Achievements or to turn off Achievements entirely, see "Showing your private contributions and Achievements on your profile."
You can now use GitHub Mobile to complete your password reset, if you have two-factor authentication enabled.
After you confirm access to your email address, you'll be asked to authenticate with any registered second factor. GitHub Mobile will be the default if you have it installed.
For more information, please see "Updating your GitHub access credentials".