Removing Passwords from Git Repos

For those who have accidentally committed passwords, api keys, etc to a guy repo, we have a great tool available to take care of it, BFG. BFG will remove those secrets from the entire git repository’s history, not just the most recent commit.

bfg --replace-text passwords.txt

git reflog expire --expire=now --all && git gc --prune=now --aggressive

Passwords.txt is just a line delimited list of passwords. Just don’t commit this to your repo

The tool is available here on github