Keywhiz

Keywhiz

Keywhiz is an open-source software system that helps manage and distribute secrets such as passwords and authentication keys. It provides secure storage and controlled access based on role-based permissions.
Security & Privacy Access Management
Keywhiz image
secrets-management authentication-keys passwords access-control
Keywhiz alternatives ➤

KeyWhiz: Open-Source Secret Management

Keywhiz is an open-source software system that helps manage and distribute secrets such as passwords and authentication keys. It provides secure storage and controlled access based on role-based permissions.

What is Keywhiz?

Keywhiz is an open-source software system designed to help manage and distribute secrets such as passwords, API keys, SSL certificates, and other authentication artifacts securely. It provides secure storage, versioning, and controlled access to help organizations centralize and control access to secrets through fine-grained access controls.

Keywhiz allows organizations to store secrets encrypted in a database backend. It supports plugins for storage in MySQL, PostgreSQL, and SQLite. Access to secrets is controlled through access groups and clients based on HTTPS mutual TLS authentication integrated with LDAP or custom plugins. Keywhiz aims to reduce insecure secrets sprawl and provide secret distribution as a service within organizations.

Key features of Keywhiz include:

  • Secure encrypted storage of secrets and credentials
  • Versioning of secrets to retain history
  • Access control via client certificates and access groups
  • Automated secret rotation
  • Integrations with HashiCorp Vault and other systems
  • CLI client and management UI
  • Audit logging of access

Keywhiz was created and open-sourced by Square and is now used by various organizations to centrally manage API keys, passwords, certificates and other secrets. It aims to improve security by reducing reliance on insecure practices like hardcoded credentials.

Keywhiz Features

Features

  1. Secure storage and controlled access to secrets
  2. Role-based access control
  3. Audit logging
  4. Automated secret rotation
  5. Integrations with applications and infrastructure

Pricing

  • Open Source

Pros

Improves security by centralizing secret management

Simplifies secret distribution across infrastructure

Reduces risk of compromised credentials

Increases visibility into access of sensitive data

Cons

Additional system to deploy and manage

Requires changing application configuration

Limited native integrations compared to commercial solutions

Official Links

Official Website
https://square.github.io/keywhiz/

The Best Keywhiz Alternatives

Top Security & Privacy and Access Management and other similar apps like Keywhiz

Here are some alternatives to Keywhiz:

Vault by HashiCorp icon
Vault by HashiCorp
AWS Secrets Manager icon
AWS Secrets Manager
Bitwarden Secrets Manager icon
Bitwarden Secrets Manager
Karmahostage icon
Karmahostage
Torus.sh icon
Torus.sh
Suggest an alternative ❐

Vault by HashiCorp icon

Vault by HashiCorp

Vault by HashiCorp is an open source secrets management tool designed to help organizations securely store and control access to tokens, passwords, certificates, encryption keys, and other sensitive data. Here are some key things to know about Vault:Provides encryption for data at rest and in transit using industry standard algorithms.Centrally...
Vault by HashiCorp image
AWS Secrets Manager icon

AWS Secrets Manager

AWS Secrets Manager is a cloud-based service that enables you to securely store, manage, and retrieve credentials for different resources. It allows easy access control using identity-based policies and fine-grained permissions.Key features of AWS Secrets Manager include:Secure storage for API keys, passwords, tokens using encryptionScalable and highly available secret storageAutomatic...
AWS Secrets Manager image
Bitwarden Secrets Manager icon

Bitwarden Secrets Manager

Bitwarden Secrets Manager is an enterprise-ready solution for managing sensitive information such as passwords, API keys, access tokens, and encryption keys. It provides organizations with a secure and centralized secrets vault to store credentials and other confidential data.As an open source alternative to proprietary solutions like LastPass Teams and 1Password...
Bitwarden Secrets Manager image
Karmahostage icon

Karmahostage

Karmahostage is an open-source comment hosting service released under the MIT license. It allows website owners to easily integrate a comment system into their sites to enable user discussions.Some key features of Karmahostage include:Lightweight and fast - it uses very little server resources so it can handle high traffic websitesCustomizable...
Karmahostage image
Torus.sh icon

Torus.sh

Torus.sh is an open-source, self-hosted password manager and authenticator application. It stores all your sensitive data, such as website credentials, credit card information, identities, and more, encrypted locally on your device using AES-256 encryption. Some key features of Torus.sh:Open-source codebase that allows transparency and community contributionsLocal encryption ensures only you...