Glossary

What is secret encryption?

Last updated June 15, 2026
Reviewed by Better-PaaS team

Protecting sensitive values before storing them. Learn what secret encryption means in self-hosted deployment and Better-PaaS workflows.

Overview

Protecting sensitive values before storing them.

Definition

Protecting sensitive values before storing them.

Real-world example

API_KEY is stored encrypted in the control-plane database and decrypted only when starting the container, never returned in full via the API.

Common mistake

Putting secrets in docker-compose.yml committed to Git instead of platform secret storage.

Better-PaaS in practice

Mark env vars as secret in the UI. They are redacted in API JSON responses.

FAQ

Is secret encryption only relevant to Better-PaaS?

No. secret encryption appears across Docker, cloud platforms, and self-hosted tooling. Better-PaaS exposes the concept in deploy logs, dashboard fields, or docs when it affects your app.