Back to Glossary
SecurityIntermediate

What is Secret Management?

The practice of securely storing, accessing, and rotating sensitive data like passwords, API keys, and certificates.

Why It Matters

Proper secret management prevents sensitive credentials from being exposed in code, logs, or version control.

Real-World Example

Using AWS Secrets Manager to store database passwords and rotate them automatically every 30 days.

“Understanding terms like Secret Management matters because it helps you have better conversations with developers and make smarter decisions about your software. You do not need to be technical. You just need to know enough to ask the right questions.”

Callum Holt, Founder, 13Labs

Learn More at buildDay Melbourne

Want to understand these concepts hands-on? Join our one-day workshop and build a real web application from scratch.

Join buildDayExplore More Terms

Related Terms

Glossary

Environment Variables

Secret settings stored outside your code, like passwords and API keys

Glossary

Encryption

Scrambling data so only authorised parties can read it

Glossary

API Key

A unique code passed with API requests to identify the calling application and control access.

Glossary

Authentication

The process of verifying who someone is, usually through a username and password

Glossary

Authorisation

Determining what actions or data a verified user is allowed to access

Glossary

OAuth

A standard that lets you log into apps using your existing accounts from Google, Facebook, or other providers