MAIN MENU
Definition

Secrets management

Secrets management is the practice of securely storing, distributing, rotating, and auditing the non-human credentials that applications and infrastructure rely on — API keys, tokens, certificates, and connection strings. Learn what counts as a secret, how secrets management works, and how it differs from password management.

DT Devolutions Team · July 7, 2026 · 2 min read

What is secrets management?

Secrets management is the practice of securely handling the credentials that machines, applications, and infrastructure use to authenticate to one another. Unlike a user password typed at login, these secrets are consumed by code and automation — so they need to be stored, delivered, rotated, and audited in ways suited to systems rather than people.

What counts as a secret?

Secrets are the non-human credentials that hold systems together:

  • API keys and tokens used by applications and integrations.
  • Database connection strings and passwords used by services.
  • Certificates and private keys used to establish trust.
  • Service account credentials used by automation.
  • Encryption keys used to protect other data.

How does secrets management work?

A secrets management system centralizes control of these credentials:

  • Secure storage — secrets are held encrypted in a central vault, not hard-coded in source or config.
  • Controlled distribution — applications retrieve secrets at runtime through authenticated requests.
  • Rotation — secrets are changed regularly, ideally without downtime.
  • Auditing — every access to a secret is logged.

Secrets management vs. password management

Password management deals mainly with human credentials — the passwords people use to log in. Secrets management deals with non-human credentials that applications and infrastructure use to authenticate automatically. The challenges differ: passwords are entered by people, while secrets are consumed by code at scale and speed, which puts a premium on programmatic retrieval and automated rotation.

Why does secrets management matter?

Secrets hard-coded in source code, configuration files, or scripts are a common and dangerous exposure — they leak into repositories, logs, and backups, and rarely get rotated. Centralizing them removes those hiding places, allows rotation without code changes, and makes every use auditable, closing one of the most overlooked gaps in an organization's credential security.

Frequently asked questions

What is secrets management?

Secrets management is the practice of securely storing, distributing, rotating, and auditing the non-human credentials that applications and infrastructure rely on, such as API keys, tokens, certificates, and connection strings. It handles credentials consumed by code and automation rather than typed by people.

What is the difference between secrets management and password management?

Password management deals mainly with human credentials — the passwords people use to log in — while secrets management deals with non-human credentials that applications and infrastructure use to authenticate automatically. Secrets are consumed by code at scale, which puts a premium on programmatic retrieval and automated rotation.

What counts as a secret?

Secrets are non-human credentials such as API keys and tokens, database connection strings, certificates and private keys, service account credentials, and encryption keys — the credentials systems use to authenticate to one another.

Get secrets out of your source code

Store, distribute, and rotate machine credentials securely with Devolutions.

Explore Devolutions Password Manager

Related terms

Password manager

An application for vaulting, managing, and sharing credentials securely.

Read now

Password vault

A digital repository for securely storing credentials in encrypted form.

Read now

Zero-knowledge encryption

Encryption in which the provider never has access to your unencrypted data.

Read now