What are best practices for secrets management in production systems?

Secrets management reduces credential leakage. Best practices: - Use secret managers (not env files) - Rotate secrets and audit access - Use short-lived tokens - Avoid logging secrets Implement strong processes: incident response for leaks and automated scanning to catch secrets in repos.