Home Glossary Zoho Vault Secret (Vault)
Zoho Vault

Secret (Vault)

A Secret in Zoho Vault is the encrypted record that stores a single credential set, such as a username, password, and URL, within a secure vault.

Technical Term

A Secret is Zoho Vault’s atomic unit of storage. Every credential you protect, whether a server login, an API key, or a database password, lives as exactly one Secret with its own access controls, audit trail, and sharing settings independent of every other Secret.

How Secret Works in Zoho Vault

A Secret is an encrypted record containing a name, URL, username, password, and optional notes. Vault encrypts each Secret using AES-256 before it leaves the browser, so only authorised users with the correct decryption key can read the plain-text value. Each Secret belongs to at least one Chamber (folder) and can be individually shared, tagged, or linked to a TOTP entry. Access logs record every view, copy, and edit against the Secret ID.

When to Use Secret

Create a Secret whenever a credential must be stored, shared, or audited centrally rather than held in someone’s browser or a spreadsheet. One Secret per service is the correct granularity: avoid bundling multiple unrelated logins into one record, because sharing is controlled at the Secret level. If a credential is personal and never shared, a personal vault Secret still provides audit history and breach-alert coverage.

Key Considerations for Secret

Secrets inherit the Password Policy of their Chamber unless a policy is applied directly. Moving a Secret between Chambers may change which users can access it, so audit permissions before migrating. Deleted Secrets are soft-deleted and can be restored by an admin within the retention window. The Secret count limit depends on your Zoho Vault plan; free tiers cap at a lower number than paid plans. Always verify the URL field is correct before enabling auto-fill, to prevent credential phishing via mismatched sites.

India Example: A Hyderabad-based IT services firm creates one Secret per client server, placed in a Chamber named after each client. When a junior engineer needs access to a specific server only, the admin shares that single Secret rather than exposing all client credentials.
Chamber
Password Policy
Access Control
Can a Secret store content other than a password?

Yes. A Secret can hold a username, URL, password, and a free-text notes field. The notes field is also encrypted and is suitable for storing supplementary information such as security questions, PIN codes, or setup instructions. However, for large binary files or documents, Secure Notes or external storage is more appropriate.

Does viewing a Secret in Zoho Vault create an audit log entry?

Yes. Every view, copy-to-clipboard, and password reveal action against a Secret is logged with a timestamp, user identity, and IP address. Admins can export these logs for compliance reporting. This audit coverage is one of the primary reasons organisations move credentials from shared spreadsheets into Vault.

Need help implementing this in Zoho?

Aaxonix is a certified Zoho implementation partner based in Pune. Architecture-first, no surprises.

Book a Free Consultation →
← Back to Glossary