DEV Community

Omar Elbaga
Omar Elbaga

Posted on

Is it safe to host many droplets in one digital ocean account?

Is it safe to host 100 droplets in one digital ocean account? I know you can do 2-factor authentication. Iā€™m just wondering about the security because if someone simply breaks into your account or gets the password they can basically delete all your droplets in one session.

Top comments (2)

dwd profile image
Dave Cridland

I would:

  • Divide your operation deployments into "staging" versus "production".
  • Also divide according to security domain.

The latter means that if a set of droplets, or containers, or servers, or services should have access to a different set of information than another, host them separately. You wouldn't host your accounting software for your business in the same account as the service you offer customers, as an obvious example.

But also, you might note that a security domain changes based on who needs access to the droplets (etc) within it.

Too many accounts, though, will prove difficult to manage and that in turn will probably lower security.

If you have more than 3 or 4 security domains you're probably dividing too finely.

_bigblind profile image
Frederik šŸ‘Øā€šŸ’»āž”ļøšŸŒ Creemers

I think the overhead of managing droplets across accounts outweighs the security benefits, especially if you enable 2FA. I also recommend you use a password manager like 1Password or LastPass to generate strong passwords for you.