Secrets & Keys

User passwords storage

JobTeaser follows secure credential storage best practices: passwords are never stored in human-readable format, only as the result of a secure, salted, one-way hash. The current hash algorithm used for passwords is BCrypt.

Secrets storage & management

All secrets (API tokens, passwords, asymmetric keys, etc.) used within the application are stored in a secure vault, as per industry best practices, using a self-hosted instance of HashiCorp Vault. Applications access the vault with short-lived session tokens and are subject to the principle of least privilege (applications only have access to the secrets they need).

HashiCorp Vault allows JobTeaser to automate the secrets management process and follow industry best practices during all the lifecycle phases:

  • Key generation
  • Key storage
  • Key use
  • Key destruction