re: I was billed for 14k USD on Amazon Web Services 😱 VIEW POST

VIEW FULL DISCUSSION
 

Yikes, that sounds awful!

I haven't used this, but I stumbled upon a piece of software a while back that looks for high entropy strings - I wonder if it would have picked up your committed credentials?

It was because of a fear for this exact situation that I switched all of my private credentials for my applications to being encrypted at rest; I wrote this tool to load credentials from a KeePass database into my shell environment, which my scripts and applications can pick up. It's not perfectly secure, but it's a step in the right direction!

code of conduct - report abuse