Bo Ye Bo Ye - 2 months ago 18
Git Question

Is a private repository on github or bitbucket safe for storage of passwords?

As I understand, despite the email servers use TLS to encrypt the messages to transfer between different targets and destinations,the contents on the mail servers are by no means encrypted. That's the reason why sending passwords via email is not recommended.

On the surface, it's appealing to save some sensitive information in the git repositories for the sake of convenience. However, it seems to hit the same issue as mail server's dilemma.

So I'm wondering if saving passwords in the private git repository is likewise as unsafe as mail server.

Thanks in advance!

Answer

Please don't do that.

Storing passwords on thirdparty services is generally a bad idea, especially ones not designed for secure data storage.

Github has a pretty detailed article about their security: https://help.github.com/articles/github-security/

They don't encrypt the repositories on disk because, as they point out:

We do not encrypt repositories on disk because it would not be any more secure: the website and git back-end would need to decrypt the repositories on demand, slowing down response times. Any user with shell access to the file system would have access to the decryption routine, thus negating any security it provides. Therefore, we focus on making our machines and network as secure as possible.

So, at the very least, your passwords would be accessible to GitHub employees.

Private repos are basically just the same as non-private ones, they're just not listed on the website for people who aren't allowed to see them.

Plus, if you stop paying, don't your private repos become public?

Do you really trust everyone you're going to give access to your repository to not abuse the passwords, and not publish them?

The problem you presumably have is roughly "I have a piece of software that needs to use database passwords and it's annoying to have to keep inputting them so I want to put them in the config file I store in git".

One way to solve this problem is to make a file containing your passwords, passwords.json, and add this to your .gitignore. You would then commit to your repo a passwords-example.json showing the format of passwords.json, just without any real passwords (and presumably a README.md explaining how to use this).

Comments