Keeping GitHub OAuth Tokens Safe
While making your source code available in a public GitHub repository is awesome, it’s important to be sure you don’t accidentally commit your passwords, secrets, or anything else that other…
While making your source code available in a public GitHub repository is awesome, it’s important to be sure you don’t accidentally commit your passwords, secrets, or anything else that other people shouldn’t know.
Starting today you can commit more confidently, knowing that we will email you if you push one of your OAuth Access Tokens to any public repository with a git push
command. As an extra bonus, we’ll also revoke your token so it can’t be used to perform any unauthorized actions on your behalf.
For more tips on keeping your account secure, see “Keeping your SSH keys and application access tokens safe” in GitHub Help.
Written by
Related posts

GitHub Availability Report: August 2025
In August, we experienced three incidents that resulted in degraded performance across GitHub services.

Your guide to GitHub Universe 2025: The schedule just launched!
Create your own agenda of favorites, sign up for one-on-on mentoring sessions, and register if you haven’t already. We’ll see you there!

Explore the best of GitHub Universe: 9 spaces built to spark creativity, connection, and joy
See what’s happening at Universe 2025, from experimental dev tools and career coaching to community-powered spaces. Save $400 on your pass with Early Bird pricing.