Share/Document credentials
-
Welcome to the age of cloud computing. Now the problem I have is that with so many different services, we need a way to share and document the credentials for different projects.
So, any advice/idea? I've been thinking about creating a KeePass file for each project and attach it in our wiki, but I'm not sure of the consequences this will have.
Take into account that today I'm finishing a project and that tomorrow it can be continued by a whole different team so we have to document those credentials (API keys, analytics, etc) so the next team can start doing their stuff without bothering me every 5 minutes.
-
Presumably there's a good reason why the projects can't all have SSO?
-
Upgrade to the premium version of the cloud platforms that support Single-Sign-On.
-
Presumably there's a good reason why the projects can't all have SSO?
Upgrade to the premium version of the cloud platforms that support Single-Sign-On.
It has nothing to do with this. We have to access several third parties for different stuff for every project and not all of them have SSO. Even one of our internal tools needs an specific set of credentials for each project.
-
the next team can start doing their stuff without bothering me every 5 minutes.
Documentation won't stop them. Mainly because they won't read it.But the KeePass idea sounds reasonable.
-
We have to access several third parties for different stuff for every project and not all of them have SSO.
Find new partners.Even one of our internal tools needs an specific set of credentials for each project.
And new architects.
-
I gave up on doing any smart thing and just add all that shit in our gitlab docs. #yolo.
-
This post is deleted!
-
Idiots, that's who
Which presumably includes the set of people that think that logging into your bank's website using a Google account is a bad idea?
-
Find new partners.
Clients. Many are stuff the client already use.
I gave up on doing any smart thing and just add all that shit in our gitlab docs.
Yeah, the guy I'm replacing salts the passwords in our wiki:
8888Pass8888word88881234888888
-
KeePass
If that is not enterprisey enough for ya: http://thycotic.com/products/secret-server/
Or have a look at there are some more references on SE
-
I wouldn't trust those guys. They post their super secret diagrams on a public facing sites!
Filed under: I hate generic names. Download Text Editor now!
-
So, any advice/idea? I've been thinking about creating a KeePass file for each project and attach it in our wiki, but I'm not sure of the consequences this will have.
I've used a KeePass file for our dev credentials. I'm sure a KeePass database for each project would work fine.
-
Encryption is mostly an exercise in key management. Do you use a common password for all of the KeePass files? If so, then you have only added a small amount of security. If not, then how do you manage those passwords?
-
In my case, there's only one file and I'm the only one that needs to use it. I'm not sure of the best way to manage multiple files, but if @Eldelshell's primary concern is with sharing and documenting the credentials (rather than maximising security), having a single password to access all of the files might work fine.
-
So they'll email your secrets, print them out and make paper airplanes?
-
I want to reach a balance between security and sharing. What I'm going to propose is to use a key file for each database for each project, which is then distributed by the IT manager to all developers responsible in a project. The database file would be a download from the wiki and the key file only under request.
-
The database file would be a download from the wiki and the key file only under request.
That sounds reasonable.
-
then how do you manage those passwords?
With another KeePass file, of course! It's KeePass files all the way down. Except at the last level, which uses LastPass.