Is a private repository on github or bitbucket safe for storage of passwords? [closed]

As I understand it, although email servers use TLS to encrypt messages in transit between different targets and destinations, the contents on the mail servers are by no means encrypted. That's the reason why sending passwords via email is not recommended.

On the surface, it's appealing to save some sensitive information in git repositories for the sake of convenience. However, it seems to hit the same issue as the mail server dilemma.

So I'm wondering if saving passwords in a private git repository is likewise as unsafe as a mail server.

Thanks in advance!

Bo Ye asked Sep 12 '16 22:09


2 Answers

Please don't do that.

Storing passwords on third-party services is generally a bad idea, especially ones not designed for secure data storage.

Github has a pretty detailed article about their security: https://help.github.com/articles/github-security/

They don't encrypt the repositories on disk because, as they point out:

We do not encrypt repositories on disk because it would not be any more secure: the website and git back-end would need to decrypt the repositories on demand, slowing down response times. Any user with shell access to the file system would have access to the decryption routine, thus negating any security it provides. Therefore, we focus on making our machines and network as secure as possible.

So, at the very least, your passwords would be accessible to GitHub employees.

Private repos are basically just the same as non-private ones; they're just not listed on the website for people who aren't allowed to see them.

Plus, if you stop paying, don't your private repos become public?

Do you really trust everyone you're going to give access to your repository to not abuse the passwords, and not publish them?

The problem you presumably have is roughly "I have a piece of software that needs to use database passwords and it's annoying to have to keep inputting them so I want to put them in the config file I store in git".

One way to solve this problem is to make a file containing your passwords, passwords.json, and add this to your .gitignore. You would then commit to your repo a passwords-example.json showing the format of passwords.json, just without any real passwords (and presumably a README.md explaining how to use this).

Chris Kitching answered Nov 16 '22 02:11
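The passwords.json / passwords-example.json / .gitignore layout described in the answer above, as an added example written for this page (it is not the answerer's code). It assumes the repo root holds the three files named in the answer, uses a simplified .gitignore matcher (plain names, globs, a leading "/", and "!" negation, later rules winning as in git) rather than calling git, and builds all files in a temporary directory with constructed placeholder values so it runs offline:

```python
import fnmatch
import json
import os
import tempfile

# Constructed template committed as passwords-example.json: same keys as the real
# file, placeholder values only. Assumed file names follow the answer above.
PLACEHOLDER = "CHANGE_ME"
EXAMPLE_TEMPLATE = {"db_user": PLACEHOLDER, "db_password": PLACEHOLDER}


def is_ignored(path, gitignore_text):
    """Simplified .gitignore matcher (assumption: plain names, globs, a leading '/'
    and '!' negation; the last matching rule wins, as in git). Enough to verify
    that the real secrets file is ignored while the example file is not."""
    ignored = False
    for raw in gitignore_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        negate = line.startswith("!")
        pattern = line[1:] if negate else line
        pattern = pattern.rstrip("/")
        anchored = pattern.startswith("/")
        pattern = pattern.lstrip("/")
        if anchored or "/" in pattern:
            target = path                       # pattern is relative to the repo root
        else:
            target = os.path.basename(path)     # bare name matches at any depth
        if fnmatch.fnmatch(target, pattern):
            ignored = not negate
    return ignored


def load_secrets(secrets_path, template=EXAMPLE_TEMPLATE):
    """Load the real passwords.json and refuse to start with an incomplete file or
    with placeholders still in place (the usual failure after a fresh clone)."""
    with open(secrets_path) as f:
        secrets = json.load(f)
    missing = sorted(set(template) - set(secrets))
    if missing:
        raise KeyError("passwords.json is missing keys: %s" % missing)
    unchanged = sorted(k for k in template if secrets.get(k) == PLACEHOLDER)
    if unchanged:
        raise ValueError("placeholder values still present for: %s" % unchanged)
    return secrets


def check_layout(repo_dir, secrets_name="passwords.json",
                 example_name="passwords-example.json"):
    """Verify the layout: secrets ignored, example committable and placeholder-only."""
    with open(os.path.join(repo_dir, ".gitignore")) as f:
        gitignore = f.read()
    with open(os.path.join(repo_dir, example_name)) as f:
        example = json.load(f)
    return {
        "secrets_ignored": is_ignored(secrets_name, gitignore),
        "example_ignored": is_ignored(example_name, gitignore),
        "example_keys_match": set(example) == set(EXAMPLE_TEMPLATE),
        "example_placeholders_only": all(v == PLACEHOLDER for v in example.values()),
    }


def demo():
    """Build the layout in a throwaway directory and return the check results.
    Every value written here is constructed for the example; none is a real credential."""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, ".gitignore"), "w") as f:
            f.write("# real credentials never enter history\npasswords.json\n")
        with open(os.path.join(d, "passwords-example.json"), "w") as f:
            json.dump(EXAMPLE_TEMPLATE, f, indent=2)
        with open(os.path.join(d, "passwords.json"), "w") as f:
            json.dump({"db_user": "app", "db_password": "constructed-example-only"}, f)
        findings = check_layout(d)
        findings["loaded_user"] = load_secrets(os.path.join(d, "passwords.json"))["db_user"]
        # Loading the committed example by mistake must fail loudly, not run with CHANGE_ME.
        try:
            load_secrets(os.path.join(d, "passwords-example.json"))
            findings["example_rejected"] = False
        except ValueError:
            findings["example_rejected"] = True
        return findings


if __name__ == "__main__":
    for key, value in demo().items():
        print("%s: %s" % (key, value))
```

The two checks that matter for the answer's point are that `passwords.json` is matched by `.gitignore` at every depth while `passwords-example.json` is not, and that the application refuses to run on placeholder values, so a missing local file is noticed at startup rather than worked around by committing the real one.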


You might want to elaborate a little bit more... But nonetheless I am going to assume you are possibly hosting a website or application that stores passwords server side. If so, personally I would use OpenShift for this, since it is free just like GH but is built and designed for this purpose (Site hosting, MySQL, PHP, etc...).

If my assumption is wrong, it's your call whether you view GH as a secure place to store these passwords. Making a repo private does indeed make it private, and inaccessible to others, but it is hosted in a way it wasn't intended for. I'm more than certain, too, that the repos aren't even encrypted.

My personal opinion, for what that's worth, would be to host and store this through OpenShift.

dovedevic answered Nov 16 '22 02:11