Hi. Several members of the team has the access to the Vault via UI by using a username/password. Does the Vault have any mechanism to rotate such passwords from time to time or if not, are there any alternates/best practices to rotate credentials for accessing the Vault? Thanks!
As far as I can see: no
Userpass is not a good solution for production as you’re just moving the same problem from one system to another (static passwords). You’re better off doing almost anything else … even a client certificate auth would be better than userpass.