Skip to main content
Information Security

Questions tagged [secrets-management]

Ask Question

The tag has no summary.

74 questions
Newest Active Bountied Unanswered
1 vote
1 answer
301 views

Tools like Ansible Vault, CNCF SOPS or Chezmoi make it easiy to keep secrets encrypted in version control, so that you can publish the repository, but still use the secrets inside when deploying. This ...
Tyler's user avatar
  • 13
1 vote
0 answers
103 views

We currently provide API keys to our users for authentication, but we do not support API key rotation (i.e., users must generate new keys manually).I’m trying to understand: Is it common for API ...
Sammy Chaouki's user avatar
  • 11
3 votes
1 answer
531 views

I'm designing a service to store secrets without relying on traditional mail-password system. I will describe this service to give a bit more context for my questions, at the end. secret The payload ...
ethicnology's user avatar
  • 133
0 votes
2 answers
232 views

Currently, there is no way to use the OpenAI API (ChatGPT) from the frontend without exposing your secret key. I wonder if there is a way to solve this. My thinking is: I would create a web server ...
Ella Sharakanski's user avatar
  • 101
1 vote
0 answers
136 views

I am creating a browser(chrome) extension that will serve as a youtube-music last-fm scrobbler(detect songs and send them to last.fm). I created a last.fm application(docs) which granted me an api ...
Alator's user avatar
  • 111
1 vote
1 answer
159 views

HashiCorp Vault Agent creates a sidecar that talks to the Vault server and injects secrets as files into containers, where the files are located under /vault/secrets/. "render all defined ...
PatPanda's user avatar
  • 111
0 votes
0 answers
74 views

Is this a good approach to preventing the leakage of secrets? Say I had a simple setup where Alice holds the secret to access Bob, and Charlie has basic shell access to Alice (with a different auth ...
Samuel Marks's user avatar
  • 113
1 vote
1 answer
88 views

I have recently been thinking deeply about the most secure ways to store credentials (like API keys) for use by unsupervised programs running on unsupervised servers. I have such systems and would ...
Joshua Schroijen's user avatar
  • 113
0 votes
0 answers
67 views

We have a service running on AWS. This service uses secrets such as API keys of third party services (in other words: secrets which do not rotate automatically). These secrets are stored in AWS ...
Itay Maman's user avatar
  • 101
2 votes
2 answers
330 views

Scenario: I have a PHP web application that needs to make an API call using a password provided by the user. I want to temporarily store this password so I can use it across multiple requests without ...
Techlands's user avatar
  • 21
0 votes
1 answer
298 views

I have a process that needs secret keys to be passed as environment variables. That is for historical reasons. I have a AWS machine where this process runs but I do not want to store these keys in ...
Henrique Bucher's user avatar
  • 103
-1 votes
1 answer
312 views

I am exploring how to use docker secrets, but all the secrets are visible in plain text format to anyone who can use the docker command. How do I ensure all secrets are sufficiently protected and not ...
learningtech's user avatar
  • 317
0 votes
1 answer
361 views

Given a Wireguard client configuration file, I guess some of the fields shouldn't be shared with just anyone, like the private key, right? Is there any other field that should be treated as a ...
matteo-g's user avatar
  • 101
2 votes
0 answers
154 views

We currently rotate AWS-specific secrets via AWS Secrets Manager without much issue. However, we are looking to also rotate secrets e.g. API keys for specific services, but AWS Secrets Manager does ...
Wunderbread's user avatar
  • 121
0 votes
1 answer
739 views

I see why it is obviously bad to store a secret key and client ID in the source code for a web application. However, how do you go about the alternative? Surely, that information has to be stored ...
BigMistake's user avatar
  • 123

15 30 50 per page
1
2 3 4 5