re: How does your organization pass secret keys around? VIEW POST


If you just need to pass one-off chunks of data encrypted end-to-end, I've used KeyVault a lot. You paste the thing into the form, copy the link it gives you, paste it into a chat with your recipient, and they open it in their browser, save the thing, then click the "Destroy" link. No registration, just ephemeral blobs of encrypted data.

The other thing I've used in the past for longer-term stuff is HashiCorp Vault. It's awesome, but requires you to host it yourself. You can store the secrets on the server's local hard drive or S3 or one of almost a dozen or so other places. Everything's encrypted at rest and it can be used to store secrets for your company's apps (DB logins, tokens/keys for 3rd-party services, etc).

code of conduct - report abuse