by lasermike026 628 days ago
Don't store secrets in env files. Use a secrets manager and a password manager. Configure SSO for everything. Use MFA for everything. Rotate your keys regularly. Do not allow long-lived user accounts to exist.

https://aws.amazon.com/secrets-manager/ https://keepersecurity.com/

What is a long-lived user account? https://g.co/gemini/share/84c224b18bf0