An environment without Secret Management
I arrived on site at the client and things could’ve been a lot better. There were password protected zip files containing more passwords, sticky notes stuck to monitors and desktop applications with names that sounded like saying “psychotic” with a lisp. When an application needed a password to connect to another service it would be promptly written to a config file and checked into version control. Rotating a password meant RDPing into a machine with an administrator account and typing in the new password, trying to remember which server was updated first. Databases were configured with admin accounts and the passwords were left untouched with numbers like '123' slapped on the end. They need a credential/secret management service and starting on a new cloud provider was a good time to create some good habits going forward.