Docker Secrets VS EnvKey

Docker has revolutionized the way we build, ship, and run applications. However, when it comes to handling sensitive information like passwords, API keys, and certificates, proper security measures are crucial. Docker secrets provide a secure and convenient way to manage sensitive data within containers. - Source: dev.to / 11 months ago

Are you using swarm mode? If so, you might want to consider using secrets. Source: over 1 year ago

Have a look here https://docs.docker.com/engine/swarm/secrets/. Source: over 1 year ago

To use a secret you have to map it during the creation of a service (in this case redis like in the documentation:. - Source: dev.to / over 1 year ago

Using docker secrets: This seems a no brainer, however, I haven't yet fully understood the documentation entry. For example, after reading this entry I still don't know if I can use docker secrets along with my strategy of having a separate .env file containing the environment variables (and the sensitive ones being handled by docker secrets). I have to enable swarm mode and I don't fully understand the... Source: over 1 year ago

You can check out EnvKey[1] as another option (I’m the founder). We have similarly simple UX but are more robust on security. Browser-based end-to-end encryption is a bit of a fig leaf—it doesn’t protect against insider threats. 1 - https://envkey.com. - Source: Hacker News / 11 months ago

Hey, congratulations on the launch. How does this compare to EnvKey[1]? [1]: https://envkey.com. - Source: Hacker News / about 1 year ago

In most cases, attempting to roll your own secrets management (or just ignoring secrets management entirely) will end up spraying access across all kinds of third party services (usually in plain text), as engineers resort to sharing secrets via email, chat, file sharing, and other tools to get their work done. The cost/benefit/risk calculation to doing this yourself isn't good. Using open... - Source: Hacker News / over 1 year ago

If anyone out there is using environment variables currently, is interested a quick path to plugging the leaks in their secrets management, check out EnvKey[1] (disclaimer: I'm the founder). Because EnvKey integrates tightly with environment variables, no app code changes are needed to switch, so it only takes a minute or two to import/integrate a typical app. EnvKey is designed to help avoid incidents exactly... - Source: Hacker News / over 1 year ago

If anyone’s looking for something more secure than vanilla env vars but simpler than Vault, you could check out EnvKey[1]. Disclaimer: I’m the founder. It’s end-to-end encrypted, cloud or self-hosted, and very quick to integrate. 1 - https://envkey.com. - Source: Hacker News / almost 2 years ago