Proven. Trusted. Secure.

A proven security model, with multiple layers of protection.

To you, the reader:

Security is an evermoving target - an arms race. But that doesn't mean it should be hard to use. Good design can make complex things simple, and that is what we are after at Dotenv.

Dotenv is a security tool. It has been since it was first developed in 2013. We saw developers struggling to keep their secrets safe so we pioneered the .env security file format standard. The design led to a better Developer Security Experience - which led to safer secrets for millions of developers. Today, we are taking that to the next logical step.

What is the problem with .env files today? The world has changed. Developers manage secrets at greater scale than a decade ago. .env files are not easily shareable between machines, environments, and team members. As a result, developers share secrets over Slack, email, and other messaging services. It's not scaleable and is a security risk. For a CTO or CSO it is a risk they should not take.

So, today, we are extending the .env file format to support syncing across machines, environments, and team members. It's an exciting development and we welcome you to go on this journey with us.

Sincerely,

Scott Motte

Founder & CTO

aka Mot

🏆 Layer 1 Protection

It starts with the .env file

Others are attempting to do away with the .env file. We think that is a mistake. It has a security track record par excellence.

DB_HOST=localhost
DB_PASSWORD=pa$$word
ENCRYPT_PUBLIC_KEY=5daef8d0b8c62f9569a634c88574cdd0
GATSBY_API_URL=http://localhost:3000/gatsby
MAILCHIMP_API_USERNAME=d3a5f1d9f215941181752a7f0bda5380
S3_KEY=cd89a34bcd76
SIGN_PUBLIC_KEY=84a8cfc121cb6b517f7c11c92cad2cc7
STRIPE_KEY=scr_a34bd7c37abc
STRIPE_PUBLIC_KEY="pub_z17ab3d3741a"


Self-Documenting
Ease-of-Use
Works Everywhere
Good Constraints
Proven Security
Limited Scope

Learn more

1M+ Developers
250K+ Organizations
100M+ Installs per month

🔐 Layer 2 Protection

Configure Dotenv Vault

Use dotenv-vault to prepare your project for Dotenv Vault. It generates a Project Identifier and a Credential.

Generating… .env.project and .env.me

DOTENV_PROJECT=prj_9a165d0e625ec4047e8c3f3a5766868a



Identifies your project in Dotenv Vault.

Learn more →

DOTENV_ME=me_759f1858d55b2c8cd23efb18612d6a3a



Authorizes you for this project at Dotenv Vault.

Learn more →

🔐 Layer 2 continued…

Secure in Dotenv Vault

Use dotenv-vault to securely push and pull your secrets from Dotenv Vault.

Authenticating… .env.project and .env.me

🌐
https://ui.dotenv.org
.env

development

9

.env.staging

staging

9

.env.production

production

9

Secured in Dotenv Vault

3,000+ Organizations and growing rapidly

Ready to get started?

Join millions of developers that already trust and use Dotenv.

No credit card required
Dotenv for
  • Agencies
  • Startups
  • Enterprises
  • Bootstrapped Startups
  • Side Projects
  • Developers

💛 Est. 2013