Dotfiles added to version control? Check.
Signed up for website requiring authentication? Check.
Use a command line tool to connect with said website? Check.
Running OS X? Check.
Authentication credentials should not be checked into version control. Use Security.
Add password to keychain
$ security add-generic-password -a YOUR_LOCAL_OSX_USER -s github.password -w YOUR_GITHUB_PASSWORD
Export environment variable with value from key
$ export GITHUB_PASSWORD=$(security 2>&1 >/dev/null find-generic-password -gs github.password | sed 's/password: "\(.*\)"/\1/')
Automate export from dotfile
Stay safe my friends.