From a simple KeePass database to enterprise credential management solutions—what’s your setup at work?
We use ITGlue because it lets us tie password records to documentation which makes finding things very streamlined.
Personally, I use Bitwarden.
KeePass.
Backed up in the cloud, with a long password with plenty of non-English characters in the password.
For learning new passwords, I write them down on a note in my wallet, without any explanation of where they lead or what username to use.
The same, basically. For the real paranoid stuff I have the KeePassX file in a VeraCrypt container.
We use PasswordState at work and KeePassXC for personal passwords.
As an admin for a Linux server, I want to institute an SSH pub key expiration policy for all the users and enforce non-reuse of old keys. Does anyone have a best solution for this?
How do you do your pubkey deployments? If you use Ansible, it should be simple enough.
Sounds like certificates to me, but I don’t know of any such solution.
Self-hosted Bitwarden only accessible from behind my self-hosted VPN.
I write it in plaintext then email it to myself. For my email password, I write that down on a sticky note next to my monitor with my webcam pointing towards it with Skype and Zoom always running so I can look at it when I’m not at home. I always make sure to turn 2FA off as well, since that gets annoying and isn’t very convenient.
I might choose to mirror the webcam stream to a public RTMP stream later, but not sure yet, since I think that might open up some security holes.
Also, if you use a really easy to remember password… I like P@ssw0rd! Easy to remember, and nobody will ever guess it because, get this… The ‘o’ is actually a zero!
Your password shows up to me as ************
This is exactly the kind of innovation I was looking for.
Not today, Russia.
Bitwarden, 1Password, whatever floats your boat, just not LastPass.
For SHTF stuff, GPG.
At work I keep them in OneNote (they are encoded) because they won’t let us install an actual password manager and half the shit I log into doesn’t support SSO/doesn’t have it set up and is all on different password schemes. Our service account passwords are in a shared CyberArk vault.
I tattoo them on my thigh like everybody else.
KeePass.
We have a KeePass DB as a fallback but mostly use a PAM solution to manage server access.
The method of champions. Post-it on the bottom of keyboard.
I would need a small book hidden under my keyboard. My work password safe has approximately 100 entries.
Got a thrift store keyboard. The pink sticky on the bottom said:
User: admin
Pass: password
I wish I was joking. Someone out there was dumb enough to need a reminder on that one.
Bottom of keyboard? Are you out of space on your monitor to place additional Post-its with user credentials on them? /s
Monitor bezel is for the less secure systems. Under the keyboard is for the secure stuff.
And the really secure systems are in the filing cabinet.
Boss, I need a third monitor, I’m out of space for Post-its.
Personally, 1Password, but their enshittification is serious.
Work, Password Safe. But we’re moving to CyberArk.
Why do companies name their password safe “Password Safe”? That’s about as relevant as naming a phone “Phone”.
See the Nothing Phone (2a).
It was a password safe before password safes were cool. https://www.pwsafe.org/2002.shtml
Thank you for clarifying!
I clicked the button to make a link but it didn’t work. :)
Markdown formatting can be tricky.
I’ve been using 1Password for over a decade. I’d love to know more about the enshittification you’re seeing.
I just looked back and my first vault item dates back to 2010. Time flies.
I think enshittification is slightly an overstatement. They’re under VC pressure now and moving aggressively towards a subscription model with capabilities increasingly behind the subscription. I bought a few licenses for Mac and PC a while ago; the software still works but no browser extensions - need a subscription for that. Also, take a look at their job postings. Same job pays double in USA vs Canada. Funny way to do things if they’re Canadian.
Thanks for a great response. I’ve been a paying customer for ages, and added my family as well. So I don’t have the paywall issues you’re seeing.
More dev than sysop, but: Bitwarden.