Glossary

What is Principle of Least Privilege?

The principle of least privilege is a security concept that states every user, process, or system should be granted only the minimum level of access — and for the minimum amount of time — necessary to perform its authorized function.

Least privilege is one of the foundational principles in information security. It limits the damage that can result from accidents, errors, or malicious actions by ensuring that no entity has more access than it strictly needs. If an account with minimal privileges is compromised, the attacker gains minimal access.

Applying least privilege to credential sharing means considering not just who should have access, but for how long and how many times. A contractor who needs a database password for a one-time migration should not receive a credential that persists in a Slack channel indefinitely. An engineer who needs a production API key for a deployment should not be able to retrieve it weeks later from an email thread.

Least privilege also applies to systems themselves. A secret sharing server that does not need to read the secrets it stores should not have the ability to read them. A database that stores encrypted data should not hold the decryption keys. By designing systems with least privilege in mind, you reduce the attack surface at every layer.

How Vaulted uses Principle of Least Privilege

Vaulted embodies least privilege at both the system and user levels. The server itself operates on least privilege: it stores and delivers encrypted data but has no capability to decrypt it, because it never possesses the encryption keys. For users, configurable view limits (as low as a single view) and expiration windows ensure that shared credentials are accessible only as long as needed. Once viewed, the secret self-destructs, removing access entirely.
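The design described in the two paragraphs above (a server that holds only ciphertext it cannot decrypt, plus per-secret view limits and expiry that purge the record) as an added illustration in Go. This is example code written for this glossary entry, not Vaulted's implementation; the Store/Fetch API, the record layout and the choice of AES-256-GCM are assumptions.

```go
package main

import "crypto/aes"
import "crypto/cipher"
import "crypto/rand"
import "errors"
import "time"

// Record is everything the server keeps: ciphertext plus access policy, never the key.
type Record struct {
	Nonce, Ciphertext []byte
	ViewsLeft         int
	ExpiresAt         time.Time
}
// Server maps secret ids to records; nothing in it can decrypt them.
type Server map[string]*Record
// Store accepts ciphertext with a view limit and a lifetime (hypothetical API, not Vaulted's).
func (s Server) Store(id string, nonce, ct []byte, views int, ttl time.Duration, now time.Time) {
	s[id] = &Record{Nonce: nonce, Ciphertext: ct, ViewsLeft: views, ExpiresAt: now.Add(ttl)}
}
// Fetch enforces expiry and the view limit; the record is deleted once either is exhausted.
func (s Server) Fetch(id string, now time.Time) (nonce, ct []byte, err error) {
	r, ok := s[id]
	if !ok || now.After(r.ExpiresAt) {
		delete(s, id) // purge an expired record on access; deleting an unknown id is a no-op
		return nil, nil, errors.New("secret not available")
	}
	r.ViewsLeft--
	if r.ViewsLeft <= 0 {
		delete(s, id) // last permitted view: the ciphertext self-destructs
	}
	return r.Nonce, r.Ciphertext, nil
}
type Client struct{ gcm cipher.AEAD } // sender or recipient; only clients ever hold the AES-256-GCM key
func NewClient(key []byte) (*Client, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	return &Client{gcm}, err
}
// Seal produces what the sender uploads; the key travels to the recipient out of band.
func (c *Client) Seal(plaintext []byte) (nonce, ct []byte) {
	nonce = make([]byte, c.gcm.NonceSize())
	rand.Read(nonce) // crypto/rand.Read is documented never to return an error (Go 1.24+)
	return nonce, c.gcm.Seal(nil, nonce, plaintext, nil)
}
// Open decrypts a fetched record; a wrong key or tampered ciphertext fails authentication.
func (c *Client) Open(nonce, ct []byte) ([]byte, error) { return c.gcm.Open(nil, nonce, ct, nil) }
```

With a view limit of 1, the second Fetch for the same id fails because the server already dropped the record; an expired record is dropped on the first access after its deadline.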