How do you safely store your API keys?
I currently store a lot of different API keys and secrets across various .env files (which are not checked in to git) on my local machine. If I need to reuse a key usually look into other project files and copy it from there. Is this considered good practice or should I be using something like a password manager for them?
5 Replies
you could consider using a service like doppler!
https://www.doppler.com/
I am using it & loving it!
Doppler: Enter the New Era of Secure Secrets Management | Cloud-Bas...
Doppler redefines how engineering teams handle secrets. Experience enhanced security, agility, and automation with our cloud platform. Start your free trial.
everything you need is free :)
If you have the sign ins to where you got the keys from, then you can always go and get them from those websites.
can second @chillihero , we use doppler at work and it has been fantastic. But yeah I wouldn't prefer/recommend anything but a good secrets manager.
I'll definetly look into this. thanks for the suggestion!