Back to Tags
Credentials
7 items tagged with "credentials"
Filter by type:
Anti-Patterns2
Anti-Pattern
Hardcoded Secrets
Embedding API keys, passwords, or tokens directly in source code, where they leak through version control, logs, and shared binaries.
Anti-Pattern
Long-Lived Static Credentials
Using permanent API keys and access tokens that never expire and are rarely rotated, maximizing the value and lifespan of any leak.
Tutorials3
Tutorial
How to manage secrets securely in CI pipelines
Store, inject, and mask secrets in CI without leaking them, using scoped credentials and short-lived tokens.
Tutorial
How to Rotate Secrets Automatically with Vault
Use HashiCorp Vault dynamic secrets and leases to issue short-lived database credentials that rotate automatically.
Tutorial
How to Scan a Repository for Leaked Secrets
Detect committed secrets, scan git history, add a pre-commit hook, and gate CI so credentials never reach the remote.