Secrets Management

Secrets management is a practice that allows developers to securely store sensitive data such as passwords, keys, and tokens, in a secure environment with strict access controls.

A typical internet user has to manage a few dozen passwords. Using a different password for each service and memorizing all of them without writing any down is not always possible. Some common ways of writing them down (a sheet of paper kept outside a vault, an unprotected Excel file, etc.) are not safe at all.

One solution for recording passwords safely is a password manager, password vault, or credential manager.

Most password vaults use PBKDF2 or Bcrypt to convert the vault’s password into a reasonably strong encryption key.
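
As an added illustration (not code from any particular password vault), the following Python sketch shows PBKDF2 stretching a vault password into an encryption key using only the standard library. The function names, header layout, HMAC labels and the 600,000-iteration work factor are assumptions made for this example.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Assumed work factor for this sketch; raise it as far as unlock latency allows.
DEFAULT_ITERATIONS = 600_000


def derive_keys(password: str, salt: bytes, iterations: int) -> tuple[bytes, bytes]:
    """Stretch the vault password with PBKDF2, then split the result into an
    encryption key and a separate verifier so the stored value is never the key."""
    master = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=32
    )
    enc_key = hmac.new(master, b"vault-encryption", hashlib.sha256).digest()
    verifier = hmac.new(master, b"vault-verifier", hashlib.sha256).digest()
    return enc_key, verifier


def create_vault_header(password: str, iterations: int = DEFAULT_ITERATIONS) -> dict:
    """Build the non-secret header stored next to the encrypted vault."""
    salt = os.urandom(16)  # fresh per vault: identical passwords give unrelated keys
    _, verifier = derive_keys(password, salt, iterations)
    return {"salt": salt, "iterations": iterations, "verifier": verifier}


def unlock(header: dict, password: str) -> bytes | None:
    """Return the 32-byte encryption key, or None if the password is wrong."""
    enc_key, verifier = derive_keys(password, header["salt"], header["iterations"])
    # Constant-time comparison avoids leaking how many verifier bytes matched.
    if not hmac.compare_digest(verifier, header["verifier"]):
        return None
    return enc_key


if __name__ == "__main__":
    # Constructed sample passwords, for demonstration only.
    header = create_vault_header("correct horse battery staple")
    print("right password unlocks:", unlock(header, "correct horse battery staple") is not None)
    print("wrong password unlocks:", unlock(header, "Tr0ub4dor&3") is not None)
```

The salt and iteration count are stored in the clear beside the vault; only the password is secret, and the iteration count sets the cost of every offline guess.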

These terms are related to a credential management system (CMS).

A secret manager is a more general application than a password manager.

The Credential Management Level 1 API is published by the W3C. It is used by many browsers and federation services.

Identity as a Service (IDaaS) provides capabilities such as account provisioning, management, authentication, authorization, reporting, and monitoring.

A hardware security module (HSM) is hardware-based instead of software-based, and it is the safest way to store credentials within a CMS. You can read more about HSMs in this post.

List of Secrets Management Applications

You can find a list of credential management applications in this post.
