Lacks end-to-end encryption. This is Doppler's most significant drawback, and it's a big one. If Doppler is compromised, whether by an outside attacker, a rogue insider, or one of the third-party sub-processors that Doppler trusts with access to its front-end dashboard or back-end systems, then all of your secrets are likely to be compromised.
This is a major security risk, and it's why EnvKey goes to great lengths to ensure that secrets are never accessible to any server or third-party (including EnvKey).
Web-based. While a web-based service offers definite advantages for convenience and UX, it also adds another source of potential security vulnerabilities: browser extensions. Browser extensions are widely used and, due to an overly broad permissions model, often have full access to every page that is loaded in the browser, including the Doppler dashboard.
This means that in addition to trusting Doppler with your secrets, you also have to trust every browser extension used by anyone on your team who has access to Doppler. Most organizations don't even know which extensions their employees have installed, so a malicious extension could easily go undetected for a long time.
Due to these issues, we think managing secrets in browsers should be avoided as much as possible. This is why EnvKey makes you go to the extra trouble of downloading and installing a desktop app. We wish it weren't necessary, but until we get a better security model for browser extensions, that's what it takes, in our view, to keep your secrets safe.
Closed source with no self-hosting options. This one is pretty self-explanatory. Doppler is a closed-source, proprietary service that can only run on Doppler's cloud. There's no way to verify that its server handles secrets securely or effectively isolates them from Doppler's third-party sub-processors.
Integrations have a weak consistency model. While Doppler's integrations with third-party platforms offer convenience, many of them use a two-way sync model that can lead to inconsistent state if errors or network issues are encountered (an inevitability over time and at scale). There can also be delays in propagating updates.
This is a common problem with third-party integrations, and it's why EnvKey uses a one-way, pull-only model, with EnvKey as a strongly consistent source of truth. When you load config from EnvKey, you can be 100% certain that you're getting the latest, correct config, regardless of your host or platform.
Lacks language-specific SDKs. Currently, Doppler only offers a CLI for integrating with applications. This means that in order to load secrets, the CLI has to be installed on every host that needs access to secrets, which isn't always straightforward. Additionally, an application's start command will need to be modified.
While EnvKey offers a similar integration method via the envkey-source CLI tool that works with any language, it also offers SDKs for a range of popular languages, which can make integration easier.