DEV Community


Discussion on: How hackers steal your keys and secrets

omerxx profile image
Omer Hamerman Author

Got it.
Well about secret storage for teams I usually suggest Hashicorp's Vault. My experience with it is excellent. It's open-source, secure, and really thought through in terms of features.

For personal use - good thinking.. I'll consider it myself :)
Althrough someone a few comment above you mentioned they as a team where getting personal Yubikey's for everyone with a Vault specific namespace which was rotated everytime an employee left...

Thread Thread
vald0phoenix profile image
Vladyslav Krylasov

Sounds really great. I heard of Hashicorp's Vault many times but didn't have a chance to learn it more. Will add this to my todo list, thank you.
P.S. Great article.

Thread Thread
omerxx profile image
Thread Thread
organicnz profile image
Tarlan Isaev

Yeah, Vault is awesome especially when you deal with Terraform. I've just tried this practice on Digitalocean and it's pretty straightforward. "You’ll use Packer to create an immutable snapshot of the system with Vault installed, and orchestrate its deployment using Terraform. In the end, you’ll have an automated system for deploying Vault in place, allowing you to focus on working with Vault itself, and not on the underlying installation and provisioning process."