1Password Secrets Automation VS Doppler

We’ve recently released and have been working on our developer tools more, and our Secrets Automation product integrates with Vault. Maybe something to check out, but I’m not too developer-focused so I’m actually not really sure the exact use case for why you’d bring both of these tools together. But I imagine there’s something here to consider ;). Source: almost 2 years ago

With 1Password Secrets Automation, the 1Password Developer Products team introduced the concept of secret references. It starts by storing a sensitive value, such as an API credential or client ID, in 1Password. That item and the field you’d like to get the value from can then be retrieved through a special op:// URL scheme that 1Password’s tooling knows how to parse. It’s made up of three parts: vault, item, and... - Source: dev.to / almost 2 years ago

People thinking this is an absurd amount of money are sleeping on how 1Password is quietly positioning itself to become the ground truth storage solution for corporate secret management, across devops and non-technical groups alike. Given Hashicorp's market cap of 11B, and 1Password's narrative on how to become even more central to corporate use cases by being the storage layer for Vault deployments,... - Source: Hacker News / over 2 years ago

If you’re asking yourself where you should be keeping secrets, you should be using a secrets manager. Two examples include Doppler (https://doppler.com). - Source: Hacker News / 2 months ago

I'm a developer advocate at Doppler (https://doppler.com), and we are a secrets (API keys, certs, etc.) management platform. I create content that's aimed at informing readers about our product. One of the biggest challenges I've encountered is convincing developers to trust our platform in a world of zero trust. Since we store important and sensitive data, we are often asked about how we encrypt data and what we... - Source: Hacker News / 2 months ago

Doppler (https://doppler.com) is my preferred tool for storing API keys. It centralizes where you manage all of your environmental variables and makes it so you never risk exposing your API keys in a code repo. There's a CLI tool that makes it easy to use all of your environment variables while you're developing and a ton of integrations for wherever you prefer to deploy your... - Source: Hacker News / 3 months ago

It seems like they made a lot of assumptions that something like this wouldn't happen. They assumed employees would never leak secret information, and that their GitHub repos would never be exposed. They could've used https://doppler.com) and never had this problem. It's a little too easy to get comfortable thinking things work well the way they are. This should be a warning to other companies to seriously... - Source: Hacker News / 3 months ago

It's absolutely nuts that a company like Mercedes-Benz isn't using some type of secrets manager (like https://doppler.com or AWS Secrets Manager) to restrict access to this type of data. It also seems like they have extremely bad practices if they're pushing passwords and keys to code repos. - Source: Hacker News / 3 months ago