composer/packagist

Use a token format with a prefix

Opened this issue · 0 comments

Private Packagist uses a token format with a prefix and checksum to help with automated scanning for committed secrets in codebases.
For an example, see Trivy: Secret scanning and aquasecurity/trivy#7826.

Doing the same for Packagist.org would allow those secret scanners to scan for Packagist.org tokens as well.
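
Why a prefix plus checksum helps scanners, shown as an added example that is not code from Packagist, Private Packagist or Trivy: the prefix gives a cheap regex anchor, and the checksum lets the scanner drop look-alike strings without calling any API. The `exampletok_` prefix, the 32-hex-character body and the CRC32 checksum are assumptions made for illustration, not the real Private Packagist format.

```python
import re
import secrets
import zlib

# Hypothetical token layout (assumption, not the real Private Packagist format):
#   <prefix> + 32 hex chars of entropy + 8 hex chars CRC32(prefix + entropy)
PREFIX = "exampletok_"
CANDIDATE = re.compile(
    r"\b" + re.escape(PREFIX) + r"([0-9a-f]{32})([0-9a-f]{8})\b"
)


def checksum(body: str) -> str:
    """CRC32 over prefix + body, rendered as 8 lowercase hex characters."""
    return f"{zlib.crc32((PREFIX + body).encode()) & 0xFFFFFFFF:08x}"


def issue_token() -> str:
    """Mint a token in the hypothetical format."""
    body = secrets.token_hex(16)
    return PREFIX + body + checksum(body)


def scan(text: str) -> list[tuple[int, str]]:
    """Return (line_number, token) for every candidate whose checksum verifies."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in CANDIDATE.finditer(line):
            body, check = match.groups()
            # The regex alone would also flag truncated or mistyped strings;
            # the checksum comparison filters those out offline.
            if checksum(body) == check:
                findings.append((lineno, match.group(0)))
    return findings


if __name__ == "__main__":
    real = issue_token()
    # Constructed look-alike: same shape, last checksum digit altered.
    fake = real[:-1] + ("0" if real[-1] != "0" else "1")
    sample = f"# constructed sample file\nTOKEN={real}\nOLD_TOKEN={fake}\n"
    for lineno, token in scan(sample):
        print(f"line {lineno}: {token[:len(PREFIX) + 4]}... (checksum valid)")
```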