Automate your infrastructure with webhooks from Doppler. Get notified when anything in your Enclave project changes.
Brownie Points: Doppler signs the webhook request with a secret you provide to verify it is coming from us.
Protect your account with OTP 2FA, an open standard for two-factor authentication.
To encourage best practices, service tokens are now only displayed once during initial creation. After creation, you'll need to generate a new service token to retrieve its value. This helps ensure that you're using a unique service token for each service.
We are excited to ship one of our most requested features: Renaming Secrets!
Have you ever needed to upload a multi-line secret like a certificate? Now you can today!
To help keep customers safe, we now securely check users' passwords against public data breaches. If your password has previously been exposed in a data breach, we'll display a notice during login that requires you to change your password. More info:
We use the k-Anonymity model to anonymously and securely check if your password has been part of any past, public data breaches. Specifically, during login we now take a SHA1 hash of your password. The first 5 characters of this hash are sent to the popular Have I Been Pwned (HIBP) service. HIBP returns a list of all hashes it knows about that start with the same 5-character suffix. Our servers then compare each returned hash against the full SHA1 hash of the user's password. If there is a match, we prompt the user to change their password.
This process can only be performed during login and when changing your password because that's the only time Doppler has access to a user's plaintext password. We store bcrypt hashes of passwords in our database, meaning it would be computationally infeasible to perform this HIBP check at any other time. Additionally, the computed SHA1 hash is used only for the HIBP service and is never persisted outside of application memory.
We'll likely talk more about password security at a future date. For now, we encourage all of our customers to follow these best practices, as we do internally:
We're proud to announce the release of our new Doppler CLI! This release introduces some exciting new features:
All other Doppler client libraries have now been deprecated. This will allow us to more rapidly iterate on features and improve the productivity of our customers.
Thank you to all of our customers for another amazing year. We've got some enormous things cooking for 2020- stay tuned!
Thanks & Happy New Year! 🎉