#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2011
    Posts
    1
    Rep Power
    0

    Password Management Suggestions


    I work for a small web design company and we are looking for a better way to store all of our logins. We currently store them in KeePass in a local server that we all have access to.
    The problem is that when someone leaves our company, we need to change every client's login info, since the employee leaving can easily make a local copy of the KeePass file which contains all of the logins.

    We have WordPress, Facebook, Twitter, Godaddy, and many more logins for several hundred clients and it would take days to change the passwords for everything.

    I thought about only having the sysadmin control the passwords but people would be bothering him constantly for login information.

    TL;DR We need a way to store our passwords without having to update it every time an employee leaves the company.
  2. #2
  3. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,301
    Rep Power
    7170
    First I would introduce some concept of limited access - ie: only giving employees access to the account details they actually need to do their job.

    One pretty secure approach would be to use a proxy server that substitutes your passwords into outgoing HTTP requests. For example, if someone is logging into godaddy they could type "###godaddy-clientname###" into the password field and the proxy server could automatically perform the substitution. Obviously you would not want to do this for inbound data.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around

IMN logo majestic logo threadwatch logo seochat tools logo