The code hosting service GitHub, which is owned by Microsoft, this week announced a number of security enhancements, including free secret detection for public repositories and required two-factor authentication (2FA) for developers and contributors.
The purpose of the secret scanning application is to assist companies and developers in finding exposed secrets and credentials in their code. In 2022, it assisted in finding 1.7 million possible secrets that were exposed in open repositories. “Secret scanning notifications provide you immediate notice of secrets that have leaked in your code. For your quickest protection, we’ll continue to inform our partners.