Secrets on Ilya Rusalowski Hub

Secrets on Ilya Rusalowski Hubhttps://rivik.dev/tags/secrets/Recent content in Secrets on Ilya Rusalowski HubHugoen-usSat, 06 Jun 2026 00:00:00 +0000ykvault: Stop Storing API Tokens as Plaintexthttps://rivik.dev/ykvault-stop-storing-api-tokens-as-plaintext/Sat, 06 Jun 2026 00:00:00 +0000https://rivik.dev/ykvault-stop-storing-api-tokens-as-plaintext/Are you still keeping API tokens in ~/.secrets? Any app you install can read them. ykvault encrypts every secret with a YubiKey challenge-response key — each get/set requires a physical touch, and the encrypted files are useless without your key.