I used to use a program called mps-YouTube. It allows to easily play YouTube playlists. Currently it doesn't work anymore, since the Limit has been reached (presumably because every mps-YouTube user shared the same API key).
This made me wonder. You need to register an API key with google, yet you can just use YouTube for free (even adblocking works without any issues).
Since I have to use the API anyway for watching YouTube videos with my browser and don't have an API key, why does mps-YouTube need an API key?
And what would prevent someone from just snatching the key from an open source project like mps-YouTube and using it anywhere else?
Since I have to use the API anyway for watching YouTube videos with my browser and don't have an API key, why does mps-YouTube need an API key?
API key is used by Google to identitfy the application making the requests to its api. If to many requests come from this application then the application will be shutdown or throttled.
And what would prevent someone from just snatching the key from an open source project like mps-YouTube and using it anywhere else?
It is against Googles TOS which application developers agree to when they create their projects. To share any google keys or credentials with others including putting them in opensource projects. So this isn't an issue as it wouldn't / shouldn't happen. See: Can I really not ship open source with Client ID?
I did a quick search of the source code for that project and found the API key in the code is in fact still live i have posted an issue for them Google TOS violation explaining why this is a bad idea.