---
stage: Govern
group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

# Rotate secrets of third-party integrations **(FREE SELF)**

Rotating secrets of third-party integrations is an important security practice
that helps mitigate the risks associated with leaked secrets, such as
unauthorized access and potential data breaches.

You should rotate the secrets of all third-party integrations at least yearly.
An incomplete list of such secrets:

- [FortiAuthenticator](../user/profile/account/two_factor_authentication.md#enable-one-time-password-using-fortiauthenticator)
- [FortiToken Cloud](../user/profile/account/two_factor_authentication.md#enable-one-time-password-using-fortitoken-cloud)