> this is table stakes level security; realistically if your DB is compromised, your encryption key probably is too, because they probably got in through your application which holds the key in memory. this just prevents "oops I accidentally copied the DB somewhere and it leaked".
Good point. If the attacker gains access to e.g. a web service that needs to access the stored secrets, they will have encryption keys and DB access.
> if you have, or when you get to the point that you have, a competent ops org, just use HashiCorp Vault.
I watched a video about Vault, but I don't see how it would help. Attacker gains access to the web service which can access Vault -> Attacker downloads all API keys from Vault. Or is there something I'm missing?
Thanks, but this is about password hashing. I would like to know about storing third party customer secrets, like API keys, in the most secure way possible.
I‘m 42. Here‘s my advice to someone half my age. Have conflicts. Put your heart into it. If you loose, you receive some truth. If you win you give some truth. The outcome does not matter if it means you grow.
The mother of my kid and I are separated. I wanted to restrict content/screen time, but she gave him unrestricted access to his iPhone and now I feel it can't be undone. He's 13.
I'm mostly worried about his attention span, especially when I watch him use his phone. But then again, maybe this is just a different generation and I must understand that his way of using the internet is different from mine.
Would you share a story of falling/picking them up?