[off topic] @samuel Could this go in the public forum? I know this is about security, but there shouldn’t be anything in this thread that would be an issue to communicate about publicly? And if there were, that could go in a specific private thread when/if needed.
Your GitHub personal access token used for logging in to Vault is stored securely (eg. in your password manager).
This seemed strange to me, as I have never had to “store” this token anywhere. When it expires, I just create a new one in GitHub’s UI, then enter it directly into Vault, and never have to think about it again until it expires a couple months later, in which case I need to generate a new one anyways.
Oh that’s interesting. I often get logged out of vault and need to enter the token again - that’s why I’ve been treating that token as a password and stored in my password manager. You’re right that it would be more secure to not store the token anywhere locally. Do you think the checklist should be updated?
Hmm, I get logged out about every two months and I assume (or maybe the message says) that it’s because the token is expired, so I regenerate a new one then. If that’s what you’re talking about, maybe I could be saving myself some work and re-using the tokens. But if you mean that you get logged out much more often than that, I’m surprised because I usually stay logged in for about two months at a time.
Oh . I knew GitHub tokens never expire so I always wondered why Vault kept telling me the token expired. I just assumed that Vault had some sort of security policy requiring you to get a new token from GitHub every so often. That makes way more sense. Well I’m glad I talked to you! Turns out I should have been saving the token in my password manager
When browsing the documentation/handbook, feel free to open any tickets related to typos, outdated information and so on. This will help to assign newcomer friendly tickets to our newcomers and keep our documentation updated. Example: We don’t use KeePass (based on my best knowledge) anymore, hence I opened an issue which will result in a newcomer friendly ticket.