For example I have a docker compose stack with a service and a db.
How do you handle the passwords? Is it better to store them in a .env file or is there something different entirely?
Also do the passwords have to be strong if the db is only available to the service through the docker network?
For passwords in software chains, I always think of them as API keys. So, making them 32 or 64 character random strings doesn't seem ridiculous.