shared password repository

Posted on 2009-12-22
Medium Priority
Last Modified: 2013-11-16
i am part of a organization that has no central location.  members are all over the country, and there is no central infrastructure.  members have personal computers, running off home ISP, with network equipment you'd expect to see in the average home (i.e.  ISP modem & router).

what is the best way to store passwords to shared assets, such as website admin, database admin, etc ?  no one person "runs the show".  there are a handful of people that need to know various passwords.

someone suggested sharepoint.  i cringe at the thought of storing passwords in sharepoint because it's just as vulnerable as any other IIS based website.  heck, it's not any more secure than google docs.

what are some options?

i know best case scenario is to not share passwords on any internet facing environment.  we could snail mail the list to the people that need them at certain intervals in the year.  

but what about some more technological ideas?
Question by:zephyr_hex (Megan)

Expert Comment

ID: 26105951
Creat a shared mail box, store all the passwords and give access to this shared mail box to people
LVL 32

Accepted Solution

aleghart earned 1000 total points
ID: 26107831
There are some suggestions here:

Thycotic looked like a good option to me, but my funding dropped to zero-budget.

Which means I'm stuck with a single KeyPass file for now.

The SharePoint and snail-mail ideas are both bad.  No audit trail.
LVL 27

Assisted Solution

Tolomir earned 1000 total points
ID: 26108002
Not that cheap but allows what you need:


See the product sheet, for access from the Internet you would need the enterprise client/server edition.


from the German page:

enterprise server would cost: 499 EUR ($711) , each enterprise client costs: 64 EUR ($91)

also see the reference list on page 8.



Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question