by terrorobe 1619 days ago
The main reason to de-emphasize passwords is that they can easily get leaked and can cause long-lasting problems.

Forcing automation to use per-service authentication tokens in the form of distinct SSH keys or access tokens allows you to

* limit the scope of the token when it gets leaked
  * Using a password gives you full control over a GitHub account, an SSH key or token much less so
* verify which credentials are still actively used
* deactivate & replace tokens on a more fine-grained level if one should get leaked