If you want to remove passwords from your repo's history, I recommend the BFG Repo-Cleaner, which is a faster, simpler alternative to git-filter-branch explicitly designed for removing private data from Git repos.
You have to create a private.txt file listing the passwords, etc, that you want to remove (one entry per line) and then run this command:
$ java -jar bfg.jar --replace-text private.txt my-repo.git
What it does is, it will scan all files under a threshold size (1MB by default) in your repo's history, and any matching string (that isn't in your latest commit) will be replaced with the string "***REMOVED***".
Then you can then use git gc to clean away the dead data:
$ git gc --prune=now --aggressive
The BFG is typically 10-50x faster than running git-filter-branch and the options are simplified and tailored around these two common use-cases:
- Removing Crazy Big Files
- Removing Passwords, Credentials & other Private data