Secretless, Identity-based Infrastructure Access

Secretless, Identity-based Infrastructure Access

Sep 2, 2022

Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or laying flat in the file, but other times they take the form of API keys, tokens, cookies, or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, and copy them to CI/CD systems and code linters. Eventually, someone leaks, intercepts, or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.

In this session, we’ll go over passwordless authentication methods that can be used by your organization and how Teleport can help protect your environments using short-lived certificates.