Doppler is the multi-cloud SecretOps Platform developers and security teams trust to provide secrets management at enterprise scale. Thousands of companies of all sizes—from startups to enterprises rely on Doppler to keep their secrets and app configuration in sync across devices, environments, and team members. Goodbye .env files.
Based on our record, KeePass seems to be a lot more popular than Doppler. While we know about 206 links to KeePass, we've tracked only 19 mentions of Doppler. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
If you’re asking yourself where you should be keeping secrets, you should be using a secrets manager. Two examples include Doppler (https://doppler.com). - Source: Hacker News / about 2 months ago
I'm a developer advocate at Doppler (https://doppler.com), and we are a secrets (API keys, certs, etc.) management platform. I create content that's aimed at informing readers about our product. One of the biggest challenges I've encountered is convincing developers to trust our platform in a world of zero trust. Since we store important and sensitive data, we are often asked about how we encrypt data and what we... - Source: Hacker News / 2 months ago
Doppler (https://doppler.com) is my preferred tool for storing API keys. It centralizes where you manage all of your environmental variables and makes it so you never risk exposing your API keys in a code repo. There's a CLI tool that makes it easy to use all of your environment variables while you're developing and a ton of integrations for wherever you prefer to deploy your... - Source: Hacker News / 3 months ago
It seems like they made a lot of assumptions that something like this wouldn't happen. They assumed employees would never leak secret information, and that their GitHub repos would never be exposed. They could've used https://doppler.com) and never had this problem. It's a little too easy to get comfortable thinking things work well the way they are. This should be a warning to other companies to seriously... - Source: Hacker News / 3 months ago
It's absolutely nuts that a company like Mercedes-Benz isn't using some type of secrets manager (like https://doppler.com or AWS Secrets Manager) to restrict access to this type of data. It also seems like they have extremely bad practices if they're pushing passwords and keys to code repos. - Source: Hacker News / 3 months ago
And the best part is there are solutions already that do this: https://keepass.info/ Does it work on Android or iOS? - Source: Hacker News / 5 months ago
The key difference here being that this is two way hashing so passwords can be decrypted. In reality, there are a lot of attack vectors like MITM, event logging or sometimes straight up storing data in plaintext. Through these hackers can generally get passwords of all users of these services. So, why don't people use local password managers? Just a txt file encrypted with "master password" should be pretty... - Source: Hacker News / 5 months ago
When you're at a point where you're relying on a display name to make security-critical decisions, you've already lost. Character substitutions like ķeepass or ƙeepass or keypass are at least possible to spot if you know the name of the product, but not the full URL. But there are many ways to create lookalike domains that don't change the product name: https://keepass.org https://keepass.net https://keepass.info... - Source: Hacker News / 6 months ago
> People love to hate on passwords but the reality is that for many circumstances (threat models) they are the best compromise. You can make them more than strong enough (take 32+ bytes out of /dev/random and encode however you like, nobody will ever brute force that in this universe) and various passwords managers solve the problem of re-use (never reuse a password). > And it comes with the benefit that you... - Source: Hacker News / 7 months ago
If you have used this combo at many sites (which is of course not recommended) then download one of the available free Password Managers like Keepass, Bitwarden, Lastpass or any others you can find with a Google Search. Source: 7 months ago
1Password - 1Password can create strong, unique passwords for you, remember them, and restore them, all directly in your web browser.
Vault by HashiCorp - Tool for managing secrets
bitwarden - Bitwarden is a free and open source password management solution for individuals, teams, and business organizations.
EnvKey - Protect API keys and credentials. Keep configuration in sync everywhere.
Lastpass - LastPass is an online password manager and form filler that makes web browsing easier and more secure.
Infisical - Infisical is an open source, end-to-end encrypted platform that lets you securely sync secrets and configs across your engineering team and infrastructure