We are using a central KeePass in one ops team for external web services. This causes a lot of effort when an employee leaves the company: basically we need to change all passwords. How do you handle this?
Well, if you cannot trust your leaving employee to keep his confidentiality agreement (you have one, right?) then you will need to change all passwords.

I do not see how this has anything to do with how you store the passwords in the first place.

If the problem is that he sees more passwords than necessary, why not have multiple KeePass databases?
Encrypted 7-zip with an encrypted KeePass file inside, stored on a highly audited and logged PCI server.

Certainly not in a cloud service, as that puts the creds in a 3rd-party data processor.

Creds rotated as people move around.
We have a local file server with KeePass. It's not great: we have problems with one person locking the file so no one else can save details to it. I want to switch to something like Syncthing so everyone gets a local copy that's kept in sync; I'm hoping this will fix the locking issue.

We have too many accounts to change when someone leaves, so we just change them all once a year.
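An added example, not any poster's code, for the two worklists the thread keeps coming back to: which entries are overdue for the yearly rotation, and which entries a leaver could have seen (everything in a single shared database; only some groups if the database is split as suggested above). It works from a KeePass 2.x XML export rather than the .kdbx itself so it needs only the standard library. It assumes the layout of that export (Root/Group/Entry, Key/Value pairs under String, Times/LastModificationTime as ISO 8601 UTC); the sample export, group names, titles and dates below are constructed for the example.

```python
"""Rotation worklists from a KeePass 2.x XML export (added example).

Assumptions (not verified against any poster's setup): the export uses the
KeePass 2.x XML layout, timestamps are ISO 8601 ending in 'Z', and an entry
whose password has not been touched since the cutoff is due for rotation.
"""
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample export: a tiny "external web services" database.
# Password fields are left out on purpose; only metadata is needed here.
SAMPLE_EXPORT = """<?xml version="1.0" encoding="utf-8"?>
<KeePassFile><Root><Group><Name>Ops</Name>
  <Group><Name>DNS</Name>
    <Entry>
      <String><Key>Title</Key><Value>Registrar admin</Value></String>
      <String><Key>UserName</Key><Value>ops-shared</Value></String>
      <String><Key>URL</Key><Value>https://registrar.example</Value></String>
      <Times><LastModificationTime>2023-01-10T09:00:00Z</LastModificationTime></Times>
    </Entry>
    <Entry>
      <String><Key>Title</Key><Value>DNS provider API</Value></String>
      <String><Key>UserName</Key><Value>api-ops</Value></String>
      <Times><LastModificationTime>2024-03-01T12:30:00Z</LastModificationTime></Times>
    </Entry>
  </Group>
  <Group><Name>Monitoring</Name>
    <Entry>
      <String><Key>Title</Key><Value>Status page</Value></String>
      <Times><LastModificationTime>2023-08-15T08:00:00Z</LastModificationTime></Times>
    </Entry>
  </Group>
  <Group><Name>Billing</Name>
    <Entry>
      <String><Key>Title</Key><Value>Card portal</Value></String>
    </Entry>
  </Group>
</Group></Root></KeePassFile>
"""

# Fixed "now" so the example is reproducible (constructed).
EXAMPLE_NOW = datetime(2024, 9, 1, tzinfo=timezone.utc)


def _string_fields(entry):
    """Collect the <String><Key>/<Value> pairs of one <Entry> into a dict."""
    fields = {}
    for s in entry.findall("String"):
        key = s.findtext("Key")
        if key is not None:
            fields[key] = s.findtext("Value") or ""
    return fields


def _parse_time(text):
    """Parse the export's ISO 8601 UTC timestamp; 'Z' is mapped to +00:00
    because datetime.fromisoformat only accepts it on Python 3.11+."""
    return datetime.fromisoformat(text.strip().replace("Z", "+00:00"))


def _walk(group, path, out):
    """Depth-first walk of nested <Group> elements, recording the group path."""
    path = path + [group.findtext("Name") or ""]
    for entry in group.findall("Entry"):
        fields = _string_fields(entry)
        mod = entry.findtext("Times/LastModificationTime")
        out.append({
            "group": "/".join(path),
            "title": fields.get("Title", ""),
            "username": fields.get("UserName", ""),
            "url": fields.get("URL", ""),
            "last_modified": _parse_time(mod) if mod else None,
        })
    for sub in group.findall("Group"):
        _walk(sub, path, out)


def parse_entries(xml_text):
    """Flatten every entry in the export into a list of dicts, document order."""
    entries = []
    for group in ET.fromstring(xml_text).findall("Root/Group"):
        _walk(group, [], entries)
    return entries


def rotation_worklist(entries, now=EXAMPLE_NOW, max_age_days=365):
    """Entries whose password has not changed within max_age_days, grouped by
    KeePass group. An entry with no modification time is treated as due,
    since its age is unknown."""
    cutoff = now - timedelta(days=max_age_days)
    due = defaultdict(list)
    for e in entries:
        if e["last_modified"] is None or e["last_modified"] < cutoff:
            due[e["group"]].append(e)
    epoch = datetime.min.replace(tzinfo=timezone.utc)
    for lst in due.values():
        lst.sort(key=lambda e: e["last_modified"] or epoch)  # oldest first
    return dict(due)


def departure_worklist(entries, accessible_groups):
    """Everything a leaver could have read: entries in the listed groups and
    their subgroups. With one shared database pass the root group and you get
    the whole file; with split databases you pass only the groups they had."""
    def visible(group):
        return any(group == g or group.startswith(g + "/") for g in accessible_groups)
    return [e for e in entries if visible(e["group"])]


if __name__ == "__main__":
    entries = parse_entries(SAMPLE_EXPORT)
    for group, items in sorted(rotation_worklist(entries).items()):
        print(f"[yearly rotation] {group}: {[e['title'] for e in items]}")
    leaver = departure_worklist(entries, ["Ops/DNS"])
    print(f"[leaver had Ops/DNS] {[e['title'] for e in leaver]}")
```

Run it on a real export by replacing SAMPLE_EXPORT with the file contents; the departure list shrinks only when the leaver's groups are a subset of the database, which is the point of splitting into several KeePass files.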