Adafruit
Adafruitsaas4 credentials
Adafruit User Password
adafruit / user-password
Adafruit users authenticate to Adafruit and Adafruit IO web interfaces with user-defined account credentials. This entry models ordinary user login context and does not claim a static vendor default.
Location
/users/sign_in, /account, /ioAdafruit account and Adafruit IO web sign-in contexts
Password managers, enterprise IdP stores, break-glass account vaults, and team credential stores
Web sign-in logs, audit events, support traces, browser exports, and copied troubleshooting output
Notes
No static Adafruit default password was found or modeled.
Adafruit IO Key
adafruit / adafruit-io-key
Adafruit IO keys authenticate REST and MQTT access to Adafruit IO feeds, groups, and dashboard data. Official API docs show the key sent in the X-AIO-Key header or x-aio-key query parameter; official CircuitPython and Arduino examples store the key in settings.toml or config.h.
Looks like
exampleb780002b85d6411ca0ad9f9c60195f72adafruit_api_key = b780002b85d6411ca0ad9f9c60195f72Location
ADAFRUIT_AIO_KEYOfficial CircuitPython examples read this key from settings.toml using os.getenv
X-AIO-KeyOfficial Adafruit IO API header for API-key authentication
/api/v2Adafruit IO REST API endpoints that accept X-AIO-Key or x-aio-key
settings.toml, secrets.py, config.h, secrets.h, .envCircuitPython, Python, Arduino, and local environment files that commonly store Adafruit IO credentials
CI/CD variables, microcontroller secrets stores, cloud secret managers, password vaults, and automation vaults
CircuitPython code, Arduino sketches, Python scripts, notebooks, examples, tests, and MQTT/REST clients
Serial console logs, MQTT client logs, REST debug logs, CI output, exception traces, and support bundles
Notes
The bare 32-character key pattern is intentionally documented as contextual; scanners should require Adafruit-specific locations, headers, config keys, or surrounding text to avoid matching arbitrary hex strings.
Adafruit IO Username
adafruit / adafruit-io-username
Adafruit IO clients pair the account username with an IO key for REST and MQTT authentication. The username is not secret by itself, but it is useful triage context next to an Adafruit IO key.
Location
ADAFRUIT_AIO_USERNAMEsettings.toml, secrets.py, config.h, secrets.h, .envCircuitPython, Python, Arduino, and local environment files that commonly store Adafruit IO usernames
Adafruit IO client examples and application code that pairs username with key material
Notes
Username findings should not create secret findings alone; use them as context for nearby Adafruit IO key material.
Adafruit IO MQTT Credential
adafruit / mqtt-credential
Adafruit IO MQTT clients authenticate with the Adafruit IO username and IO key. Embedded sketches and IoT configuration often store these together with Wi-Fi credentials.
Location
settings.toml, secrets.py, config.h, secrets.hMicrocontroller and IoT project files containing Adafruit IO username/key pairs and MQTT client configuration
Device provisioning stores, CI/CD variables, password vaults, and firmware build secret stores
Arduino sketches, CircuitPython examples, MQTT scripts, device firmware, and tests
Serial console logs, MQTT connection logs, firmware debug logs, and captured device output
Notes
Generic Wi-Fi SSIDs/passwords are not modeled here; this block is scoped to Adafruit IO credential use in MQTT/device clients.
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.