I posted my password / API key on GitHub

I stumbled on a website that continuously scans GitHub, GitLab and BitBucket, the 3 most common places to host source code publicly, and shows you committed SSH passwords, API keys for common services, databases and so on. It’s scary, right? Raise your hand if it…