Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

How do you find secrets or passwords that might have been accidentally checked into Bitbucket?


How do we make sure we don't have any developers who have checked in passwords or secrets into code accidentally?

1 answer

1 accepted

You can use credentials scanning solutions comb through git repositories and flag anything sensitive that was committed in error.

For Bitbucket, you can use our app Security for Bitbucket. Security for Bitbucket streamline this process. Scans can be performed, reviewed, and dispositioned without scripting or setting up an external service. Security for Bitbucket also integrates with Bitbucket’s hook architecture to block any dangerous incoming commits. Without such an integration, committed secrets can only be caught after the fact, and must be considered compromised and rotated out.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bitbucket

Git push size limits are coming to Bitbucket Cloud starting April 4th, 2022

Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...

2,222 views 2 9
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you