Are environment variables safe for storing secrets?

When you build a cloud application, you will almost certainly reach a point where you need to store secrets such as database connection passwords and service tokens.
Environment variables are not considered a good way to store passwords because they are typically stored in plaintext and can be accessed by anyone who has access to the system. This means that if an attacker gains access to the system, they could easily read the password from the environment variables and use it to compromise the security of the system.

Additionally, environment variables are not encrypted by default, and they can be easily read by any process running on the system. This includes other applications and scripts, which could inadvertently expose the password to unintended parties.
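
The exposure to other applications and scripts described above comes largely from inheritance: every child process receives a copy of its parent's environment unless the parent removes entries first. The following is an added example, not code from the original post, that shows the default inheritance and a scrubbed environment side by side; the variable name `DB_PASSWORD`, the sample value and the name markers are assumptions made for illustration.

```python
import os
import subprocess
import sys

SECRET_NAME = "DB_PASSWORD"  # hypothetical variable name
# Assumed naming convention for secret-bearing variables.
SECRET_MARKERS = ("PASSWORD", "SECRET", "TOKEN", "KEY")


def child_view(env, name=SECRET_NAME):
    """Start a child interpreter with `env` and return the value it sees for `name`."""
    code = "import os, sys; sys.stdout.write(os.environ.get(sys.argv[1], ''))"
    result = subprocess.run(
        [sys.executable, "-c", code, name],
        env=env, capture_output=True, text=True, check=True,
    )
    return result.stdout


def scrubbed(env, markers=SECRET_MARKERS):
    """Return a copy of `env` without variables whose names look like secrets."""
    return {
        key: value for key, value in env.items()
        if not any(marker in key.upper() for marker in markers)
    }


def demo():
    # Constructed sample value; a real deployment would never hard-code this.
    parent_env = dict(os.environ)
    parent_env[SECRET_NAME] = "constructed-sample-value"

    # Default behaviour: the child gets the secret without asking for it.
    inherited = child_view(parent_env)
    # Hardened launch: the secret is removed before the child is started.
    after_scrub = child_view(scrubbed(parent_env))
    return inherited, after_scrub


if __name__ == "__main__":
    inherited, after_scrub = demo()
    print("child with inherited environment sees:", repr(inherited))
    print("child with scrubbed environment sees: ", repr(after_scrub))
```

Scrubbing only limits what child processes receive; the secret still sits in plaintext in the parent's own environment.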

To store passwords securely, it is recommended to use a dedicated password manager or key management system that provides encryption and other security features to protect sensitive information like passwords. These systems are designed specifically to securely store and manage passwords, making them a much safer option than environment variables.
