Passwords, SSH keys exposed on GitHub

Powered by SC Magazine

GitHub search down, but user mistakes still exposed.


Updated: Github users have been caught out storing keys and passwords in public repositories.

Search links popped up throughout Twitter today pointing to stored keys including what was reportedly credentials for the Google Chrome source code repository, Chromium.

Scores of other credentials were exposed, some representing serious security blunders.



While the keys are no longer searchable via the GitHub due to technical problems, they remain exposed through normal internet search queries.There is also no mechanisms to prevent users from uploading keys, a point which some security boffins say GitHub should implement.

Copyright © SC Magazine, Australia

Passwords, SSH keys exposed on GitHub
Top Stories
Soft drinks and SoftLayer: A solution for hard times?
Coca-Cola Amatil's CIO Barry Simpson shares his story of cost-cutting, outsourcing and why his software developers to ride around in delivery trucks.
Optus considers breaking net neutrality in Australia
May charge Netflix, OTT providers for premium service.
AGL restructure sees CIO depart
Owen Coppage to leave after ten years.
Sign up to receive iTnews email bulletins
Latest Comments
Do you support the Government's data retention scheme?

   |   View results