You might not be aware of it, but the engine stores the credentials you use with in plain text in a file called . Well, granted, it’s not ASCII, it’s base64, which may look like encryption on first glance, . Base64 is a scheme for encoding, not encryption. You can simply copy the base64 string and convert it to ASCII in a matter of seconds. docker docker login $HOME/.docker/config.json but it’s not OMG, I’m strongly concerned about the secrecy of my passwords, what should I do? I’m glad you asked. Thankfully, docker offers , which will use your operating system’s native store instead of . credential helpers credential config.json containing the helper for your operating system from and . Don’t forget to . Download the archive Github unpack it to **/usr/local/bin** make it executable If you are on this should work for you to install verison 0.4.2 of the helper (you will need to be root): Linux wget && tar -xf && chmod +x docker-credential-secretservice && mv docker-credential-secretservice /usr/local/bin/ https://github.com/docker/docker-credential-helpers/releases/download/v0.4.2/docker-credential-secretservice-v0.4.2-amd64.tar.gz docker-credential-secretservice-v0.4.2-amd64.tar.gz Once that’s done, key to the JSON object’s root. The . This is basically the word after the last hyphen of the executable you just installed. For Linux, the executable is called , so the service name is . open **~/.docker/config.json** and add a **credsStore** value will be the name of the credential storage service docker-credential-secretservice secretservice If you are on and trust my skills you could try and run Linux sed sed -i '0,/{/s/{/{\n\t"credsStore": "secretservice",/' ~/.docker/config.json From this point forward, docker will use the external service to store your credentials for . To get rid of the ones that are already in the file, simply . docker login <url> docker logout <url> **Reference** Official Documentation on docker login. is how hackers start their afternoons. We’re a part of the family. We are now and happy to opportunities. Hacker Noon @AMI accepting submissions discuss advertising & sponsorship To learn more, , , or simply, read our about page like/message us on Facebook tweet/DM @HackerNoon. If you enjoyed this story, we recommend reading our and . Until next time, don’t take the realities of the world for granted! latest tech stories trending tech stories

Facebook

Too Long; Didn't Read

Get free API security automated scan in minutes

Getting rid of Docker plain text credentials

Too Long; Didn't Read

Company Mentioned

@frontside

RELATED STORIES