33
eo2875
4y

The intern pushed their credentials to GitHub...

... again

Comments
  • 7
    Attempt no. 3 - will be unlucky number.
  • 16
    Put all local credentials in a separate debug config and git.ignore it.

    On the other hand, they should never use their own credentials to access anything even in debug mode.
  • 12
    What I suggest and do is a bfg repo cleaner as a pre commit hook that searches for passwords or other creds. Saves me a lot.of accidental derps
  • 2
    @NeatNerdPrime although that's nice, I have two words for you.

    git gud.
  • 6
    Any credential pushed to public repo should be assumed as compromised, first step should be to revoke the credentials.
  • 5
    @theabbie First step is to slap the (ir)responsible party. Revoking the credentials is step 2.
  • 2
    @ItsNotMyFault I'd say the first step is revoking credentials.

    Credential scrappers might be a lot faster than your pimp hand.
Add Comment