Ask HN: How do you manage hard coded passwords and keys in your codebase?
I got the request to put a global admin into our app, with access to all tenants. The Tenants all have separate databases and a global admin would have to be implemented with a migration on all databases including the password.
This however is not a good solution. Normally we inject secrets via environment variables, but is there a better way? I heared of secrets management engines, but you also need a shared secret to connect to these two. Do I trade many micro secrets for one big secret than?
Or do I just declare my codebase and the server as secure and announce that if someone has access to these components already owns the company?
4 comments
[ 3.0 ms ] story [ 28.5 ms ] threadIf you listed the program on the terminal it printed, deleted and printed hashes fast enough you could not read it, and if you printed out to the printer, it printed fast enough you could not read it and hashed out well enough you could not read it either..
[0] https://www.hashicorp.com/products/vault/secrets-management