Rust Zeroize to Protect Hot Secrets

What is a Hot Secret?

Have you ever logged in to a website only to realize that someone else is already logged in under your account? Have you ever been saved by a two-factor authentication scheme? Have you ever been betrayed by a server that disclosed your password?

Growing up is hard to do on The Web

Two-factor authentication is used because it is necessary. Password managers help you generate disposable strong passwords because it is necessary. A less-trust model of security is a more-secure model of security. Reducing the attack surface is one of the best ways to mitigate the danger. Make it hurt less, let it happen, but be ready.

Zeroize Secrets in Rust

Using the zeroize crate is one of the sanest practices around, and I think service providers should be encouraged to adopt it more. If you are hosting a secure service, then as a user I appreciate it when you treat secrets appropriately. Don't accidentally disclose a secret by letting it languish in memory for too long; zeroize it and be done with it.
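To make "zeroize it and be done with it" concrete, here is an added example (not code from the original post or from the zeroize crate) that uses only the standard library to show the volatile-write-plus-compiler-fence technique the crate is built on. The names `wipe`, `WipeOnDrop` and `consume_password` are hypothetical, and the checksum is a stand-in for a real password hash; in a real service, use the crate's `Zeroize` trait or `Zeroizing` wrapper instead.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Overwrite `buf` with zeros. Volatile writes stop the optimizer from
/// deleting the stores as "dead" just because the buffer is never read again.
pub fn wipe(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        // SAFETY: `b` is a valid, aligned, exclusive reference to a u8.
        unsafe { ptr::write_volatile(b, 0) };
    }
    // Keep the compiler from moving later memory accesses ahead of the wipe.
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical guard: borrows a secret buffer and wipes it when dropped,
/// so every exit path (success, early return, panic unwind) clears it.
pub struct WipeOnDrop<'a>(pub &'a mut [u8]);

impl Drop for WipeOnDrop<'_> {
    fn drop(&mut self) {
        wipe(&mut *self.0);
    }
}

/// Hypothetical login step: use the password once, then let the guard
/// clear it. The checksum is a placeholder for a real password hash.
pub fn consume_password(password: &mut [u8]) -> Result<u32, &'static str> {
    let guard = WipeOnDrop(password);
    if guard.0.len() < 8 {
        return Err("password too short"); // guard drops here: buffer wiped
    }
    let sum = guard
        .0
        .iter()
        .fold(0u32, |acc, &b| acc.wrapping_mul(31).wrapping_add(b as u32));
    Ok(sum) // guard drops here as well
}

fn main() {
    // Constructed sample input, not a real credential.
    let mut password = b"constructed-sample-password".to_vec();
    let result = consume_password(&mut password);
    // Caveat: this clears only this buffer. Copies left behind by earlier
    // moves, clones or Vec reallocations are not reached by the wipe.
    println!("ok = {}, wiped = {}", result.is_ok(), password.iter().all(|&b| b == 0));
}
```

After `consume_password` returns, the caller's buffer is all zeros whether the call succeeded or failed, which is the property to check for in a code review.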