HACKER Q&A
📣 number6

How do you manage hard coded passwords and keys in your codebase?


I got the request to put a global admin into our app, with access to all tenants. The tenants all have separate databases, and a global admin would have to be implemented with a migration on all databases, including the password.

This however is not a good solution. Normally we inject secrets via environment variables, but is there a better way? I heard of secrets management engines, but you also need a shared secret to connect to these too. Do I trade many micro secrets for one big secret then?

Or do I just declare my codebase and the server as secure and announce that if someone has access to these components, they already own the company?


  👤 basicplus2 Accepted Answer ✓
When I first started programming in BASIC on a PDP-11, I wrote a program with a password embedded in it, but it included deletion of the characters and typing over them with hashes as part of the password.

If you listed the program on the terminal, it printed, deleted and printed hashes fast enough that you could not read it, and if you printed out to the printer, it printed fast enough that you could not read it and hashed out well enough that you could not read it either.


👤 stop50
We don't have admins that can do everything. A super admin would be a single point that hackers would focus on. These micro secrets are a bit better, since you usually can add limits to them about what they can do. Some also have a log of who accessed what when.

I understood that you add the admin with a migration. So effectively you create a lot of admins that share the username and password. The least you can do is to document it and have it, especially in the codebase, salted and hashed.

Software for saving credentials would be the most useful when you are building and packaging the software for the systems. The codebase itself would have only a placeholder for the username and the password, and only in the process of the build are the username and password loaded, the latter hashed, and the placeholders replaced. This way even your codebase doesn't have the password, and you can rotate the password without having old ones lingering in your codebase.
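The build-time placeholder technique stop50 describes, and the "migration on all databases including the password" from the question, as an added example (not code from the thread or from any of the posters). The migration template, the placeholder names, the env var names and the PostgreSQL `ON CONFLICT` shape are assumptions; the env vars stand in for whatever credential store or CI secret injection you actually use. The repo only ever holds the template; the rendered migration carries a salted hash, never the password, and re-running the build with a new password rotates every tenant database on the next deploy.

```python
"""Render a tenant migration at build time with a *hashed* global-admin
credential.  Added example, not from the thread.  Placeholder names, env
var names and the SQL shape are assumptions."""
import hashlib
import hmac
import os
import secrets
from typing import Mapping, Optional

PLACEHOLDER_USER = "__GLOBAL_ADMIN_USER__"           # assumed placeholder names
PLACEHOLDER_HASH = "__GLOBAL_ADMIN_PASSWORD_HASH__"

# Constructed template (PostgreSQL syntax assumed).  This is what is committed:
# no credential, only placeholders.  ON CONFLICT makes the migration
# re-runnable, so rotating the password is just another build + deploy.
MIGRATION_TEMPLATE = f"""\
INSERT INTO users (username, password_hash, role)
VALUES ('{PLACEHOLDER_USER}', '{PLACEHOLDER_HASH}', 'global_admin')
ON CONFLICT (username) DO UPDATE SET password_hash = EXCLUDED.password_hash;
"""


def hash_password(password: str, iterations: int = 600_000,
                  salt: Optional[bytes] = None) -> str:
    """PBKDF2-HMAC-SHA256 with a random 16-byte salt, stored as a
    self-describing string so the verifier can recover the parameters.
    (Argon2id or scrypt are preferable where the runtime provides them.)"""
    if len(password) < 12:
        raise ValueError("global admin password must be at least 12 characters")
    if salt is None:
        salt = secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(stored: str, candidate: str) -> bool:
    """What the application does at login: recompute and compare in constant
    time.  It never needs, and never sees, the original password."""
    try:
        algo, iters, salt_hex, dk_hex = stored.split("$")
        if algo != "pbkdf2_sha256":
            return False
        dk = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iters))
        return hmac.compare_digest(dk.hex(), dk_hex)
    except ValueError:          # malformed record, bad hex, bad int, wrong field count
        return False


def sql_literal(value: str) -> str:
    """Quote a value for a single-quoted SQL literal: double the quotes and
    refuse control characters, so a username from the credential store
    cannot break out of the INSERT."""
    if any(ord(c) < 0x20 for c in value):
        raise ValueError("control characters not allowed in SQL literal")
    return value.replace("'", "''")


def render_migration(template: str, username: str, password: str,
                     iterations: int = 600_000) -> str:
    """Replace the placeholders with the username and the hash of the password.
    Refuses to emit a file that still has a placeholder or that contains the
    plaintext password (sanity check against a broken template)."""
    rendered = (template
                .replace(PLACEHOLDER_USER, sql_literal(username))
                .replace(PLACEHOLDER_HASH, hash_password(password, iterations)))
    if PLACEHOLDER_USER in rendered or PLACEHOLDER_HASH in rendered:
        raise RuntimeError("unreplaced placeholder in rendered migration")
    if password in rendered:
        raise RuntimeError("plaintext password leaked into rendered migration")
    return rendered


def build_from_env(env: Mapping[str, str] = os.environ,
                   template: str = MIGRATION_TEMPLATE) -> str:
    """Build step: read the credential from the environment (stand-in for the
    credential store / CI secret), render, return the migration text.
    GLOBAL_ADMIN_USER / GLOBAL_ADMIN_PASSWORD are assumed names."""
    username = env.get("GLOBAL_ADMIN_USER")
    password = env.get("GLOBAL_ADMIN_PASSWORD")
    if not username or not password:
        raise RuntimeError("GLOBAL_ADMIN_USER and GLOBAL_ADMIN_PASSWORD must be set at build time")
    return render_migration(template, username, password)


if __name__ == "__main__":
    # Constructed demo environment; in a real build these come from the
    # credential store or CI secret injection, never from the repository.
    demo_env = {"GLOBAL_ADMIN_USER": "global_admin",
                "GLOBAL_ADMIN_PASSWORD": "correct-horse-battery-staple"}
    print(build_from_env(demo_env))
```

The rendered file is a build artifact: ship it to the per-tenant migration runner, do not commit it. Because every tenant database stores only the salted hash, a dump of one tenant's `users` table does not hand an attacker the credential for the others, and the credential store's access log (if it has one, as stop50 notes) records each build that pulled it.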

👤 beauHD
There is HashiCorp Secrets Management, which I haven't used, but it might be a solution you're looking for.

[0] https://www.hashicorp.com/products/vault/secrets-management
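How a secrets engine such as Vault answers the "many micro secrets vs one big secret" worry from the question, as an added illustration (not from the thread or from HashiCorp's documentation): the application authenticates to Vault once, and the token it gets back is bound to a policy that limits what it can read. The one secret the app holds is therefore worth far less than a shared global-admin password, and it can be made short-lived. The policy below is illustrative; the KV v2 mount name `secret`, the path layout and the policy name are assumptions.

```hcl
# Policy "tenant-db-reader" (name assumed).  The app may read the database
# credential of any single tenant, but cannot list tenants, write secrets,
# or touch the global-admin path.  KV v2 reads go through the data/ prefix,
# and "+" matches exactly one path segment (the tenant id).
path "secret/data/tenants/+/db" {
  capabilities = ["read"]
}

# An explicit deny wins over any broader grant: the global-admin credential
# is readable only by the migration build job, never by the running app.
path "secret/data/global-admin" {
  capabilities = ["deny"]
}
```

Pair the policy with an auth method that does not require a long-lived shared secret in the codebase: an AppRole whose secret ID is short-lived and single-use and is delivered by the deployment system, or a cloud or Kubernetes identity that Vault verifies directly. Vault's audit device then gives you the "who accessed what when" log that stop50 mentions, per tenant path rather than per shared admin.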