Changes

Discover what is new and improved with Doppler!
Security
January 10, 2020

To encourage best practices, service tokens are now only displayed once during initial creation. After creation, you'll need to generate a new service token to retrieve its value. This helps ensure that you're using a unique service token for each service.

Security
January 3, 2020

To help keep customers safe, we now securely check users' passwords against public data breaches. If your password has previously been exposed in a data breach, we'll display a notice during login that requires you to change your password. More info:

We use the k-Anonymity model to anonymously and securely check if your password has been part of any past, public data breaches. Specifically, during login we now take a SHA1 hash of your password. The first 5 characters of this hash are sent to the popular Have I Been Pwned (HIBP) service. HIBP returns a list of all hashes it knows about that start with the same 5-character suffix. Our servers then compare each returned hash against the full SHA1 hash of the user's password. If there is a match, we prompt the user to change their password.

This process can only be performed during login and when changing your password because that's the only time Doppler has access to a user's plaintext password. We store bcrypt hashes of passwords in our database, meaning it would be computationally infeasible to perform this HIBP check at any other time. Additionally, the computed SHA1 hash is used only for the HIBP service and is never persisted outside of application memory.

We'll likely talk more about password security at a future date. For now, we encourage all of our customers to follow these best practices, as we do internally:

  • Use a password manager for every account, regardless of its importance
  • Always enable 2FA! (but ideally avoid SMS and Voice 2FA)
  • Generate strong, random passwords with your password manager
  • Never reuse passwords
New
January 1, 2020

We're proud to announce the release of our new Doppler CLI! This release introduces some exciting new features:

  • Forget about Doppler API Keys! Easier, more secure authentication with doppler login
  • Manage all your connected devices from the Doppler Dashboard
  • Simplified installation, including support for docker, brew, deb/apt, rpm/yum, and scoop. Also available as a standalone binary for Linux, macOS, and Windows.
  • 40% faster and only ~3MiB small

All other Doppler client libraries have now been deprecated. This will allow us to more rapidly iterate on features and improve the productivity of our customers.

Thank you to all of our customers for another amazing year. We've got some enormous things cooking for 2020- stay tuned!

Thanks & Happy New Year! 🎉

Improvement
May 27, 2019

Powerful search gets you to where you want to go. Stay on your keyboard while navigating your workplace with "s" keyboard shortcut.

Improvement
May 23, 2019

Doppler's Defaults feature is the easiest way to roll out a new variable to your entire CI/CD pipeline. At a glance, see which variables in an environment are synced or diverged from Defaults.

New
April 22, 2019

Checkout our new documentation hub! Explore the CLI and automate your flows with our API. Access the hub directly through the dashboard through the docs link.

Security
February 4, 2019

Using Single Sign-On providers like Okta or OneLogin? We have great news, you can now onboard your entire organization with our enterprise SAML SSO + JIT (Just In Time) feature. Request access today by reaching out to our enterprise team.