Doppler VS have i been pwned?

If you’re asking yourself where you should be keeping secrets, you should be using a secrets manager. Two examples include Doppler (https://doppler.com). - Source: Hacker News / 3 months ago

I'm a developer advocate at Doppler (https://doppler.com), and we are a secrets (API keys, certs, etc.) management platform. I create content that's aimed at informing readers about our product. One of the biggest challenges I've encountered is convincing developers to trust our platform in a world of zero trust. Since we store important and sensitive data, we are often asked about how we encrypt data and what we... - Source: Hacker News / 3 months ago

Doppler (https://doppler.com) is my preferred tool for storing API keys. It centralizes where you manage all of your environmental variables and makes it so you never risk exposing your API keys in a code repo. There's a CLI tool that makes it easy to use all of your environment variables while you're developing and a ton of integrations for wherever you prefer to deploy your... - Source: Hacker News / 3 months ago

It seems like they made a lot of assumptions that something like this wouldn't happen. They assumed employees would never leak secret information, and that their GitHub repos would never be exposed. They could've used https://doppler.com) and never had this problem. It's a little too easy to get comfortable thinking things work well the way they are. This should be a warning to other companies to seriously... - Source: Hacker News / 4 months ago

It's absolutely nuts that a company like Mercedes-Benz isn't using some type of secrets manager (like https://doppler.com or AWS Secrets Manager) to restrict access to this type of data. It also seems like they have extremely bad practices if they're pushing passwords and keys to code repos. - Source: Hacker News / 4 months ago

Does her email show up on any leaks on https://haveibeenpwned.com/ ? I'm wondering if not publishing it would have made any difference to receiving phishing messages. - Source: Hacker News / 9 days ago

> in hacked datadumps https://haveibeenpwned.com/ 45 data breaches and 7 pastes Wow, I don't know if I've ever seen a real address in so many breaches haha. - Source: Hacker News / 9 days ago

HIBP provides a free service to check if a user's password has been compromised in a data breach. The HIBP API can be integrated into the sign-in or password update services to notify users that the password has been compromised. Ideally, when updating a password with a known compromised password, the service would block that password from being used with helpful information. HIBP doesn't publish the companies... - Source: dev.to / 20 days ago

This is a great site for checking current and monitoring future breaches: https://haveibeenpwned.com/. - Source: Hacker News / about 2 months ago

I've been with AT&T since they merged with Cingular in 2006, and according to https://haveibeenpwned.com/ I'm not included in this dump. - Source: Hacker News / 2 months ago