How to use passwords safely

The Wallet we're using is a standard part of Ethereum, and it requires the user to enter a password. For interactive applications, that's not a problem; however, in automated systems it can pose some security challenges. Let's look at how to minimize security issues.

  1. Use a secrets system. Examples include AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, and Google Secret Manager. These tools allow you to store passwords (and other sensitive information like API keys) in encrypted storage, with strict access controls. This way, your password isn’t part of your source code or log files.

  2. Minimize privileges. Don’t run your app with high privileges, and definitely don’t run it as root. If an attacker compromises your system, you want to limit how much damage they can do. Set up a dedicated user account with only the permissions needed for running the wallet code.

  3. Never hard-code passwords. Leaving passwords in your source code or a config file checked into GitHub is an instant vulnerability. Instead, inject them at runtime using environment variables, a secrets manager, or secure configuration files excluded from version control.

  4. Secure your environment variables. If you pass the password through an environment variable, make sure your deployment platform protects environment data from being read by untrusted users. Also, avoid echoing or logging environment variables during debugging.

  5. Lock down logs. Ensure your logging framework never prints the wallet password. Mask or redact sensitive data so it doesn’t end up in logs or monitoring dashboards.

  6. Limit password reuse. Don’t recycle a wallet password as a login password elsewhere. Each wallet should have its own unique passphrase, reducing the blast radius of any breach.

  7. Replace the wallet if compromise is suspected. If you even suspect your password has been discovered, create a new wallet and transfer your funds to that wallet.

[TODO: Regarding the final item, what about the entities they've already stored?]
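
Items 2 to 5 above combined into one startup routine, as an added example that is not part of the original page: the password is read at runtime from a secrets file or an environment variable, the process refuses to run as root, and a logging filter masks the password if it ever reaches a log call. The names `WALLET_PASSWORD_FILE`, `WALLET_PASSWORD`, `load_wallet_password`, `install_redaction` and `RedactSecret` are assumptions made for this sketch.

```python
import logging
import os
import stat


class RedactSecret(logging.Filter):
    """Logging filter that masks the secret wherever it appears in a record."""

    def __init__(self, secret):
        super().__init__()
        self._secret = secret

    def filter(self, record):
        message = record.getMessage()  # format string with its args merged in
        if self._secret and self._secret in message:
            record.msg = message.replace(self._secret, "[REDACTED]")
            record.args = None
        return True  # keep the record, now without the secret


def load_wallet_password(env=None, euid=None):
    """Return the wallet password supplied at runtime, never from source code.

    WALLET_PASSWORD_FILE and WALLET_PASSWORD are hypothetical variable names.
    """
    env = os.environ if env is None else env
    if euid is None and hasattr(os, "geteuid"):
        euid = os.geteuid()
    if euid == 0:
        raise PermissionError("refusing to run as root; use a dedicated account")
    path = env.get("WALLET_PASSWORD_FILE")
    if path:  # file written by a secrets-manager agent or a mounted secret
        if stat.S_IMODE(os.stat(path).st_mode) & 0o077:
            raise PermissionError(f"{path} is accessible to group or others")
        with open(path, encoding="utf-8") as handle:
            password = handle.read().rstrip("\n")
    else:
        # pop() on os.environ also unsets it, so child processes do not inherit it
        password = env.pop("WALLET_PASSWORD", "")
    if not password:
        raise RuntimeError("no wallet password supplied at runtime")
    return password


def install_redaction(logger, password):
    """Attach the filter to each handler so propagated records are covered too."""
    for handler in logger.handlers:
        handler.addFilter(RedactSecret(password))
```

The filter only catches the password as an exact substring, so treat it as a backstop behind code that never passes the password to a log call in the first place.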