I am testing an in-development app locally.
Currently I use environment variables to store JWT secrets and database usernames and passwords.
I am interested in further securing this, and found out about secret managers (like Conjur).
How is this anymore secure than what I currently have?
Isn't it just a transition from storing my database credentials directly, to storing my Conjur credentials in exactly the same way I currently store my database credentials, and then requesting my database credentials? I must be misunderstanding something.
How do secrets managers actually further secure credentials, and what are the most secure best practices for storing JWT secrets and database passwords?