Keeping GitHub OAuth Tokens Safe
While making your source code available in a public GitHub repository is awesome, it’s important to be sure you don’t accidentally commit your passwords, secrets, or anything else that other…
While making your source code available in a public GitHub repository is awesome, it’s important to be sure you don’t accidentally commit your passwords, secrets, or anything else that other people shouldn’t know.
Starting today you can commit more confidently, knowing that we will email you if you push one of your OAuth Access Tokens to any public repository with a git push
command. As an extra bonus, we’ll also revoke your token so it can’t be used to perform any unauthorized actions on your behalf.
For more tips on keeping your account secure, see “Keeping your SSH keys and application access tokens safe” in GitHub Help.
Written by
Related posts
Students: Start building your skills with the GitHub Foundations certification
The GitHub Foundations Certification exam fee is now waived for all students verified through GitHub Education.
Announcing GitHub Secure Open Source Fund: Help secure the open source ecosystem for everyone
Applications for the new GitHub Secure Open Source Fund are now open! Applications will be reviewed on a rolling basis until they close on January 7 at 11:59 pm PT. Programming and funding will begin in early 2025.
Software is a team sport: Building the future of software development together
Microsoft and GitHub are committed to empowering developers around the world to innovate, collaborate, and create solutions that’ll shape the next generation of technology.