Passwords
7h33xi1e, 2015-04-20 13:31:50

What is the best way to store passwords for a web studio?

What software would you recommend for storing passwords with access distribution? What do web studios usually prefer to install?
It is necessary to distribute access rights and store passwords locally.


4 answer(s)
xmoonlight, 2015-04-21
@7h33xi1e

First, the approach itself is wrong!
For the team, electronic keys (or certificates) are distributed.
The keys are transmitted over a different communication channel than the one used for authorization.
Keys are distributed to project roles (dev1,dev2) or specifically to project users.
With a password, you can (selectively or forcibly) protect the authorization (if desired) by the owner of the key without the participation of a certification authority (project coordinator).
Passwords are not known by the one who gave access, because access is granted to keys.
Access, usually: REST API, SSH accounts or OAuth.

WordPress WooCommerce, 2015-04-21
@maxxannik

We have our own CRM system based on WordPress https://github.com/systemo-biz/casepress
There, this logic is based on two mechanics:
1. There is a database of objects divided into categories. Let's say sites, FTP accesses, web applications, personal accounts and everything that we usually use in our work. Each object has a history of changes, configuration, etc.
2. There is a procedure for requesting access: a specialist can request access, and the access register is then stored. When a specialist leaves, the listed accesses are deleted.
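
An access register of the kind described in the two answers above, as an added example (not CasePress code and not part of either answer). It records who holds access to which object and, when someone leaves, separates personal keys, which only need deleting, from shared passwords, which have to be changed because the leaver still knows them. The class, field and object names are hypothetical, and the sample data is constructed.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

@dataclass
class Grant:
    person: str
    obj: str                 # entry in the object database (hypothetical naming)
    kind: str                # "key" = personal key/certificate, "password" = shared secret
    granted: date
    revoked: Optional[date] = None

@dataclass
class AccessRegister:
    grants: list = field(default_factory=list)

    def grant(self, person, obj, kind, when):
        if kind not in ("key", "password"):
            raise ValueError(f"unknown access kind: {kind}")
        if person in self.active(obj):
            raise ValueError(f"{person} already has access to {obj}")
        self.grants.append(Grant(person, obj, kind, when))

    def active(self, obj):
        """People who currently hold access to one object."""
        return sorted(g.person for g in self.grants
                      if g.obj == obj and g.revoked is None)

    def offboard(self, person, when):
        """Close every open grant of a leaver and list the follow-up per object."""
        actions = []
        for g in self.grants:
            if g.person != person or g.revoked is not None:
                continue
            g.revoked = when
            if g.kind == "key":
                # Personal key: deleting it ends the access, nobody else is affected.
                actions.append((g.obj, "remove-key", []))
            else:
                # Shared password: the leaver still knows it, so it has to be
                # changed and re-issued to the people who keep their access.
                actions.append((g.obj, "rotate-password", self.active(g.obj)))
        return actions

if __name__ == "__main__":
    reg = AccessRegister()  # constructed sample data
    reg.grant("dev1", "ssh:example-site", "key", date(2015, 4, 1))
    reg.grant("dev1", "ftp:example-site", "password", date(2015, 4, 1))
    reg.grant("dev2", "ftp:example-site", "password", date(2015, 4, 2))
    for action in reg.offboard("dev1", date(2015, 4, 20)):
        print(action)
```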

Dmitry Filimonov, 2015-04-20
@DmitryPhilimonov

1. Any program for storing passwords (for example, KeePass or any other similar one). In essence, they all come down to encrypting the database file with a symmetric algorithm.
2. Storing this file somewhere: Dropbox, Yandex.Disk, etc.
As a result, each employee who has this program and access to the file gets access to the passwords from wherever it is convenient. The scheme is relatively secure in my opinion, but purely organizational password leaks are possible.
I have been using KeePass + Dropbox for several years (and you can back up the database to another Dropbox account), and it has worked fine. I have access to passwords from my phone / laptop / etc., while remembering only 2 complex passwords: to Dropbox and to the database file. I also generate passwords there, for example.
Also, you should never, under any circumstances, trust any services that force passwords to be transmitted / stored with them (in unencrypted form).
