Two things: stolen credentials and hardening your systems against long-lived credentials. If you rotate access credentials every few minutes (or every hour), the impact of stolen credentials is way smaller.
Oh, something I didn't see others say: it removes a modality from your system. If you're _always_ rotating credentials, then credential rotation is just another thing your system does—it's not a special mode that you have to reason about.
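The two points made in this reply (a stolen credential is only useful for a bounded window, and rotation becomes a routine code path rather than a special mode) are illustrated by the following added example. It is editor-written and not part of the thread. It issues HMAC-signed credentials with a fixed lifetime, rotates the signing key every period, and keeps exactly one previous key so that every credential still within its lifetime verifies while anything older is rejected. The `FakeClock`, `RotatingCredentialIssuer` and `demo_stolen_token_window` names are assumptions made for the example, and the injected clock exists only to make the run deterministic.

```python
import base64
import hashlib
import hmac
import json
import secrets


class FakeClock:
    """Injected clock so the example runs deterministically (constructed for this example)."""

    def __init__(self, start):
        self.t = start

    def __call__(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds


class RotatingCredentialIssuer:
    """Issues short-lived HMAC-signed credentials and rotates the signing key every
    `rotation_seconds`. Credentials live one period, and the previous key is kept for
    one period, so a credential issued at the very end of period N still verifies in
    period N+1 and nothing signed under an older key is ever accepted."""

    def __init__(self, rotation_seconds, clock):
        self.rotation_seconds = rotation_seconds
        self.clock = clock
        self.current_kid = 0
        self.keys = {0: secrets.token_bytes(32)}  # key id -> secret
        self.last_rotation = clock()

    def rotate_if_due(self):
        # Rotation is just part of the normal issue/verify path, not a special mode.
        now = self.clock()
        while now - self.last_rotation >= self.rotation_seconds:
            self.current_kid += 1
            self.keys[self.current_kid] = secrets.token_bytes(32)
            self.last_rotation += self.rotation_seconds
            for kid in list(self.keys):          # retire everything older than the previous key
                if kid < self.current_kid - 1:
                    del self.keys[kid]

    def issue(self, subject):
        self.rotate_if_due()
        payload = {"sub": subject, "kid": self.current_kid,
                   "exp": int(self.clock()) + self.rotation_seconds}
        body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).decode()
        tag = hmac.new(self.keys[self.current_kid], body.encode(), hashlib.sha256).hexdigest()
        return f"{body}.{tag}"

    def verify(self, token):
        """Return the subject for a valid credential, or None if it is malformed,
        signed under a retired key, tampered with, or expired."""
        self.rotate_if_due()
        try:
            body, tag = token.split(".")
            payload = json.loads(base64.urlsafe_b64decode(body))
        except (ValueError, json.JSONDecodeError):
            return None
        key = self.keys.get(payload.get("kid"))
        if key is None:
            return None                           # key already rotated out
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return None                           # signature mismatch
        if payload.get("exp", 0) <= self.clock():
            return None                           # lifetime exceeded
        return payload["sub"]


def demo_stolen_token_window():
    """Walk a stolen credential through the rotation schedule (300 s period)."""
    clock = FakeClock(1_700_000_000)
    issuer = RotatingCredentialIssuer(300, clock)
    token_a = issuer.issue("deploy-bot")          # t=0, period 0
    clock.advance(200)
    token_b = issuer.issue("deploy-bot")          # t=200, period 0
    out = {"a_at_200": issuer.verify(token_a)}    # within lifetime
    clock.advance(150)                            # t=350, period 1 (key 0 kept as previous)
    out["a_at_350"] = issuer.verify(token_a)      # expired
    out["b_at_350"] = issuer.verify(token_b)      # still valid via previous key
    flipped = "0" if token_b[-1] != "0" else "1"
    out["tampered_at_350"] = issuer.verify(token_b[:-1] + flipped)
    clock.advance(300)                            # t=650, period 2 (key 0 retired)
    out["b_at_650"] = issuer.verify(token_b)
    return out


if __name__ == "__main__":
    print(demo_stolen_token_window())
```

The window in which a leaked credential is usable is bounded by the lifetime plus, at most, one rotation period of key retention; shrinking `rotation_seconds` shrinks that window without adding any separate "rotate now" procedure.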
Honestly, the biggest benefit of having continuous / automated rotation in place is that it's not a catastrophe when there is a compromise. Without the forcing function of rotations, people *will* use static credentials.
If you're too scared to rotate creds, it means you don't know who is using them. Not a good place to find yourself.
If you can easily rotate, you should rotate regularly. Done correctly, this can decrease the value of stealing a private key because it will only be useful for a certain amount of time.
The industry standard minimum is 1 year. With ACME / Let's Encrypt I'd say the industry standard minimum is moving to 3 months. Google rotates keys continuously (e.g. for Cloud KMS / data-at-rest encryption). The main threat I think it helps protect against is accidental exposure.
Minerva Timing attack would be one, but it's hard to pull off in practice.
We rotate after potential exposure to public resources, e.g. a credential got accidentally checked in to git, or an internal API was publicly accessible.