To encrypt and decrypt secret, vault uses a passphrase.
This passphrase is used to generate a cryptographic key for the encryption.
In Tabli, the passphrase can be given with:
See also security consideration on how to handle secrets.