Leaked API Key Scanner Detail
An API key is a unique identifier serves as a authentication token. Attackers can use your leaked API keys by impersonating you and access your private data.
What is API Key?
API keys are used to assist in tracking and controlling how the interface is being utilized. An API key is a unique identifier serves as a authentication token. It gives users to access rights for the API that it is associated with.
Attackers can use your leaked API keys by impersonating you and access your private data.
Some Advice for Common Problems
If your account is leaked, change your password to strong one immediately. You can check our blog post for how to choose strong password.
- Once you have pushed a commit to GitHub, you should consider any data it contains to be compromised. If you committed a password, change it! If you committed a key, generate a new one.
- While you should first rotate your compromised credentials in all cases, you may wish to remove sensitive information from your git history as well. Remember that git is a versioning tool, which means that your commits history is searchable.
- It is a good idea to review the log data to see if there was some suspicious activity. Some secrets can lead to other secrets.