how do you handle usernames/passwords/api keys across a department/company?<p>I'm talking about passwords that many people need access to, such as vendors/partners that give you only one u/p for entire company. or server login infos.<p>do you put in a text file on a network? intranet?who's in charge of them? custom database? some program that I'm not aware of?
One thing I've done before is create a truecrypt volume that a privileged few folks have the passphrase to unlock. Inside the truecrypt volume, we had a text file with username/passwords and other notes. Additionally, we had folders within the volume that kept our company's SSL certificates and other critical security secrets.<p>That only works in when the secrets need to be shared among a very few people. When more people are involved it gets very very difficult to segment out who has access to what.