Security Overview

Security is an ever-moving target, an arms race. But that doesn't mean it should be hard to use. Good design can make complex things simple, and that is what we are after at Dotenv.

Dotenv is a security tool. It has been since it was first developed in 2013. We saw developers struggling to keep their secrets safe so we pioneered the .env file format standard. The design led to better DSX - which led to safer secrets for millions of developers. Today, we are taking that to the next logical step.

What is the problem with .env files today? The world has changed. Developers manage secrets at far greater scale than a decade ago. .env files are not easily shareable between machines, environments, and team members. As a result, developers often share secrets over Slack, email, text message, and post-it notes. This is not scalable and is fraught with security risks. For a CTO or CSO, it is a risk they should not take.

So, today, we are extending the .env file format to support syncing across machines, environments, and team members. It's an exciting development and we welcome you to go on this journey with us.

We are designing a handful of extensions and services on top of the .env file format to make this happen. They are:

.env file
This file format is trusted and proven for securely storing your development secrets.
.env.project identifier
Uniquely identify your project in the Dotenv universe.
.env.me credential
Securely authorize your machine to sync secrets between machines. Unique per project/user permutation to minimize fallout from potential security leaks.
Dotenv Vault
Store your secrets. The Dotenv Vault is composed of multiple layers of bank-level encryption at the application, database, and protocol layers.
Dotenv CLI
Generate .env, .env.me, and .env.project files and sync secrets between machines, environments, and team members.

And this is just the start. There are also integrations into third-party services like AWS Secrets, AWS Parameter Store, Slack, Heroku, GitHub, and more, as well as plans to allow you to 'bring your own vault'™.

Here's an infographic you might find useful.

It is going to be an exciting journey. We hope you get stoked on it with us! 😎

† admins only ‡ owners only