lolcreds

Public credential defaults and exposure patterns for authorized security testing.

MinIO

MinIOcloud2 credentials

Credentials2 documented
01

Root User / Root Password

minio / root-credentials

MinIO root credentials define the root user with complete access and permissions to the deployment. MinIO documents setting root user and root password through environment variables or configuration settings.

generated on installuser definedsecretusername/password

Location

environment
MINIO_ROOT_USER, MINIO_ROOT_PASSWORD, MINIO_ACCESS_KEY, MINIO_SECRET_KEY
config file

systemd environment files, Docker Compose files, Helm values, and MinIO server config

secret store

Kubernetes Secrets, Docker secrets, cloud secret managers, and vault entries

source code

committed deployment manifests, examples, tests, and container configs

logs

startup logs, shell history, and CI output

public interface
MinIO S3 API and Console

Notes

The root user has full administrative access. Older MINIO_ACCESS_KEY and MINIO_SECRET_KEY names appear in legacy deployments.

02

Access Key / Secret Key

minio / access-secret-key

MinIO users and service accounts authenticate to the S3-compatible API with access keys and secret keys. Identity management docs cover built-in users, service accounts, and external identity providers.

generated on installsecretAPI key

Looks like

pattern
pattern

AWS-style access key pattern sometimes used by S3-compatible clients; MinIO keys can also be arbitrary opaque strings

AKIA[0-9A-Z]{16}

Location

environment
AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, MINIO_ACCESS_KEY, MINIO_SECRET_KEY
config file

mc client config, application config, .env files, and deployment manifests

secret store

Kubernetes Secrets, cloud secret managers, CI/CD variables, and service account secret stores

source code

S3 client code, tests, notebooks, and accidentally committed configs

logs

S3 client debug logs and CI traces

http header
Authorization

AWS Signature authentication headers derived from access and secret keys

Notes

Secret key exposure grants the permissions assigned to the MinIO user or service account policies.

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.