{"id":"https://openalex.org/W4416549444","doi":"https://doi.org/10.1145/3719027.3765065","title":"It Should Be Easy but... New Users' Experiences and Challenges with Secret Management Tools","display_name":"It Should Be Easy but... New Users' Experiences and Challenges with Secret Management Tools","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549444","doi":"https://doi.org/10.1145/3719027.3765065"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3765065","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3765065","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5078039390","display_name":"Lorenzo Neil","orcid":"https://orcid.org/0009-0001-3084-7451"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Lorenzo Neil","raw_affiliation_strings":["North Carolina State University, Raleigh, USA"],"raw_orcid":"https://orcid.org/0009-0001-3084-7451","affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5120513647","display_name":"Deepthi Mungara","orcid":"https://orcid.org/0009-0009-3318-8402"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Deepthi Mungara","raw_affiliation_strings":["Paderborn University, Paderborn, Germany"],"raw_orcid":"https://orcid.org/0009-0009-3318-8402","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028171895","display_name":"Laurie Williams","orcid":"https://orcid.org/0000-0003-3300-6540"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Laurie Williams","raw_affiliation_strings":["North Carolina State University, Raleigh, USA"],"raw_orcid":"https://orcid.org/0000-0003-3300-6540","affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074668699","display_name":"Yasemin Acar","orcid":"https://orcid.org/0000-0001-7167-7383"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Yasemin Acar","raw_affiliation_strings":["Paderborn University, Paderborn, Germany and The George Washington University, Washington, DC, USA"],"raw_orcid":"https://orcid.org/0000-0001-7167-7383","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany and The George Washington University, Washington, DC, USA","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021122418","display_name":"Bradley Reaves","orcid":"https://orcid.org/0000-0001-7902-1821"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bradley Reaves","raw_affiliation_strings":["North Carolina State University, Raleigh, USA"],"raw_orcid":"https://orcid.org/0000-0001-7902-1821","affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, USA","institution_ids":["https://openalex.org/I137902535"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.45162571,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"2519","last_page":"2533"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.6682000160217285,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.6682000160217285,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.04540000110864639,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.037700001150369644,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/usable","display_name":"USable","score":0.689300000667572},{"id":"https://openalex.org/keywords/documentation","display_name":"Documentation","score":0.6581000089645386},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4406000077724457},{"id":"https://openalex.org/keywords/best-practice","display_name":"Best practice","score":0.40610000491142273},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.375900000333786},{"id":"https://openalex.org/keywords/face","display_name":"Face (sociological concept)","score":0.3176000118255615}],"concepts":[{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.689300000667572},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6632000207901001},{"id":"https://openalex.org/C56666940","wikidata":"https://www.wikidata.org/wiki/Q788790","display_name":"Documentation","level":2,"score":0.6581000089645386},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5019000172615051},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4406000077724457},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.40610000491142273},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.375900000333786},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.34700000286102295},{"id":"https://openalex.org/C2779304628","wikidata":"https://www.wikidata.org/wiki/Q3503480","display_name":"Face (sociological concept)","level":2,"score":0.3176000118255615},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.30880001187324524},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.2964000105857849},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.29109999537467957},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.28029999136924744},{"id":"https://openalex.org/C2779089604","wikidata":"https://www.wikidata.org/wiki/Q7169333","display_name":"Permission","level":2,"score":0.2791000008583069},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.27379998564720154},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.26579999923706055}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3719027.3765065","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3765065","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G506590200","display_name":null,"funder_award_id":"CNS-2055554,CNS-2206865","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W1969785126","https://openalex.org/W1993553653","https://openalex.org/W2008107570","https://openalex.org/W2041194341","https://openalex.org/W2071255138","https://openalex.org/W2087276125","https://openalex.org/W2115130131","https://openalex.org/W2129889634","https://openalex.org/W2366532918","https://openalex.org/W2511044583","https://openalex.org/W2536964484","https://openalex.org/W2698406033","https://openalex.org/W2767943400","https://openalex.org/W2771030034","https://openalex.org/W2794744449","https://openalex.org/W2915232514","https://openalex.org/W2947593054","https://openalex.org/W2954876572","https://openalex.org/W2955439455","https://openalex.org/W2966008409","https://openalex.org/W2976409997","https://openalex.org/W2990518706","https://openalex.org/W3012380719","https://openalex.org/W3017863658","https://openalex.org/W3026514254","https://openalex.org/W3089515198","https://openalex.org/W3171760881","https://openalex.org/W3208610766","https://openalex.org/W4223432363","https://openalex.org/W4253731935","https://openalex.org/W4308643017","https://openalex.org/W4312118684","https://openalex.org/W4312576573","https://openalex.org/W4312875384","https://openalex.org/W4364321651","https://openalex.org/W4366550619","https://openalex.org/W4367837127","https://openalex.org/W4385288180","https://openalex.org/W4386781823","https://openalex.org/W4387298286","https://openalex.org/W4388483369","https://openalex.org/W4399572670","https://openalex.org/W4399723309","https://openalex.org/W4400237083","https://openalex.org/W4400582422","https://openalex.org/W4402263641"],"related_works":[],"abstract_inverted_index":{"Software":[0],"developers":[1,50,65,97],"face":[2],"risks":[3],"of":[4,115],"leaking":[5],"their":[6,52],"software":[7],"secrets,":[8],"such":[9,25],"as":[10,26],"API":[11],"keys":[12],"or":[13,30],"passwords,":[14],"which":[15],"can":[16],"result":[17],"in":[18,54,68],"significant":[19],"harm.":[20],"Secret":[21],"management":[22],"tools":[23],"(SMTs),":[24],"HashiCorp":[27],"Vault":[28],"Secrets":[29],"Infisical,":[31],"are":[32,46,61],"highly":[33],"recommended":[34],"by":[35],"industry,":[36],"academia,":[37],"and":[38,64,73,88,112],"security":[39],"guidelines":[40],"to":[41,48,71,99],"manage":[42],"secrets":[43,53,59],"securely.":[44],"SMTs":[45,77,116],"designed":[47],"help":[49,83,96,105],"secure":[51],"a":[55],"central":[56],"location,":[57],"yet":[58],"leaks":[60],"still":[62],"commonplace,":[63],"report":[66],"difficulty":[67],"learning":[69],"how":[70],"setup":[72],"use":[74,101,114],"SMTs.":[75,102],"While":[76],"typically":[78],"come":[79],"with":[80],"publicly":[81],"available":[82],"resources":[84,106],"(e.g.,":[85],"tool":[86],"documentation":[87],"interfaces),":[89],"it":[90],"is":[91],"unclear":[92],"if":[93],"these":[94],"actually":[95],"learn":[98],"effectively":[100],"Without":[103],"usable":[104],"that":[107],"onboards":[108],"developers,":[109],"quick":[110],"adoption":[111],"effective":[113],"may":[117],"be":[118],"unrealistic.":[119]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-11-23T00:00:00"}