🔐 A Complete Guide to Security in Namirasoft Secret

Security is the foundation of Namirasoft Secret. Whether you are storing API tokens, passwords, keys, or any other sensitive data, your secrets are protected using industry-standard algorithms that meet modern security expectations. This page explains how Namirasoft Secret protects your secrets and helps you choose the right algorithm for your use case.

To help you understand how your data is protected  and how to choose the right method of protection, this guide covers the core security principles behind Namirasoft Secret. Use the contents below to navigate key topics.

Contents

• Encryption vs Hashing: What’s the Difference?

• Supported Algorithms and How They Work

• When Should You Use Hashing?

• API Support for External Apps

🔶 Encryption vs. Hashing: What’s the Difference?

Namirasoft Secret supports two types of secure transformations for your sensitive data: encryption and hashing. Each serves a different purpose, and the right choice depends on how you plan to use the data.

🔸 Encryption

Encryption transforms your secret into an unreadable format using a reversible method, meaning it can later be decrypted by authorized users or services.

• Use Case: Choose encryption when the sensitive data needs to be retrieved, read, edited, or copied after it is stored. This is essential for applications that depend on access to the original value to perform their operations.

• Example: When Namirasoft Bill Watch monitors costs on AWS, it relies on access credentials such as an AWS Access Key. These credentials are grouped and managed through Namirasoft Credential, which retrieves the sensitive data from Namirasoft Secret where it is stored using AES256CCM encryption. Because Namirasoft Credential needs to read the original values, encryption is used instead of hashing. This allows Namirasoft Credential to securely pass the decrypted data to Namirasoft Bill Watch when required while keeping it safe from unauthorized access.

🔸 Hashing

Hashing is a one-way transformation process that converts your sensitive data into a unique fixed-length string of characters called a “hash”. This transformation is irreversible, meaning the original secret cannot be recovered or reconstructed from the hash. Hashing provides a secure way to verify data without exposing the actual information.

 

• Use Case: Use hashing when you only need to confirm whether an input matches a stored value — for example, to verify a password or token, but you don’t need to view, edit, or retrieve the original secret. Since hashes cannot be reversed, this method maximizes security for sensitive data that only requires validation.

• Example: If you store a password hash in Namirasoft Secret, your system or connected applications can verify the password by comparing hashes without ever accessing the actual password text. This is ideal for secrets where verification is required but viewing the original value is not.

🔶 Supported Algorithms and How They Work

Namirasoft Secret supports three powerful algorithms, each designed for a different level of security and retrievability. Choose the one that fits your use case:

 

🔸 ENCRYPT-AES256CCM

• Type: Symmetric encryption

• Purpose: Protects data that needs to be decrypted later

• How It Works: Uses AES (Advanced Encryption Standard) in CCM mode, providing both confidentiality and integrity checks

• Recommended For: Anything that must be viewed, read, retrieved and edited

• Used Automatically By: Other Namirasoft apps like Namirasoft Credential or Namirasoft Sender apps when storing secrets on your behalf.

🔸 HASH-SHA256

• Type: Cryptographic hash function

• Purpose: Creates a fixed-size digest of the original data

• How It Works: SHA-256 (Secure Hash Algorithm 256-bit) processes the input to produce a non-reversible hash

• Recommended For: When you need a lightweight way to check if an input matches a previously stored value

• Drawback: Fast to compute, so it’s not ideal for password storage on its own

🔸 HASH-BCRYPT

• Type: Adaptive cryptographic hash function

• Purpose: Safely store secrets where brute-force resistance is important

• How It Works: Bcrypt applies computational cost and salt to protect against brute-force and rainbow table attacks

• Recommended For: Passwords, access PINs, or any value requiring strong authentication resistance

• Advantage: Automatically adapts to increasing computing power by allowing cost factor adjustments

🔶 When Should You Use Hashing?

Hashing is the ideal choice when you do not need to retrieve or display the secret, but only verify that the original input matches the stored value. Use hashing when:

• You’re storing passwords or PINs for identity verification

• The secret should never be visible again

• You want to prevent even the data owner from retrieving it

Hashing is especially useful in scenarios where storing or exposing the original value poses a risk. Use HASH-BCRYPT when storing passwords, and HASH-SHA256 when storing verifiable identifiers or checksums.

 

🔶 API Support for External Apps

 

Namirasoft Secret is not just for internal use by other Namirasoft apps, you can also connect your own applications to it using the Namirasoft Secret API.

 

Through the API, you can securely store sensitive values such as passwords, API tokens, and access keys. You can choose from supported algorithms like AES256CCM for reversible encryption or SHA256 and BCRYPT for irreversible hashing, depending on whether you need to retrieve the original value later or simply verify it.

 

This makes Namirasoft Secret a powerful backend for use cases like credential management, user authentication, secure automation, and identity verification. Instead of building and maintaining your own secret handling system, you can rely on Namirasoft Secret to manage encryption and hashing securely and consistently.