[teknoids] Internal wikis - password managers

Thayer York tyork at uw.edu
Thu Jan 20 14:38:39 EST 2011


We used to do the paper-in-the-safe approach but it suffered from constantly being out of date/covered with scribbled in updates.  We've used KeePass (the original Windows version that KeePassX is a port of) for a while now and it's been great.

  -> Thayer

-----------------------------------------------
Thayer York - CompTIA Security+, MCSE: Security
System Administrator
Computing Services - University of Washington School of Law


> -----Original Message-----
> From: teknoids-bounces at ruckus.law.cornell.edu [mailto:teknoids-
> bounces at ruckus.law.cornell.edu] On Behalf Of Chapman, Ben
> Sent: Wednesday, January 19, 2011 9:31 AM
> To: Teknoids
> Subject: Re: [teknoids] Internal wikis - password managers
> 
> If you're looking for a cross-platform password manager app, you might
> consider http://www.keepassx.org/ . Runs on many OS's, including Android:
> http://www.keepassdroid.com/ . The password databases can be moved
> moved across platforms. If you're feeling really daring, you can keep the
> password-protected KeePass database on Dropbox, which also has an
> Android client, giving you access from many computers. Still, I like Elmer's
> sheet of paper in a drawer approach, especially for the important passwords.
> 
> Ben
> 
> 
> 
> On Jan 19, 2011, at 10:58 AM, Elmer Masters wrote:
> 
> > Tracey,
> > I've used a couple of PMWiki modules/plugins/recipes to put our staff
> > wiki under the same security umbrella we use for our website. It took
> > a bit of work, but it did create a reasonably secure space for us to
> > use. We do keep a few shared passwords for minor stuff there, but the
> > really important and sensitive stuff (like server passwords, key
> > pairs, etc.) is stashed elsewhere and is not web accessible. Heck, it
> > may even be printed on actual paper and kept in a file folder. :)
> >
> > Anyway, a wiki with restricted access is a a great way to document
> > internal procedures and keep notes about what is going on, but I'd use
> > something else for storing really sensitive information.
> >
> > Elmer.
> >
> >
> > On Wed, Jan 19, 2011 at 10:14 AM, Tracey McCartney
> > <tracey at fairhousing.com> wrote:
> >> Guys -
> >>
> >> Following my post last week about Wiki programs, and learning that a few
> of
> >> you have home wikis, it occured to me that a wiki might be a good way for
> my
> >> to start documenting procedures here at the office in case I get hit by a
> >> bus.
> >>
> >> Assuming our wiki is on our web space, which is on shared hosting out
> there
> >> somewhere instead of on a server here in the office, would it be too
> >> insecure for me to publish passwords and whatnot in it?  I know you can
> lock
> >> down permissions on pages and make them readable only to certain
> users, but
> >> I'm wondering whether that would be enough security to keep prying
> eyes (or
> >> spiders) away from our passwords.
> >>
> >>
> >> Thanks,
> >>
> >> Tracey
> >
> >
> >
> > --
> > Elmer R. Masters
> > Director of Internet Development
> > Center for Computer-Assisted Legal Instruction
> > emasters at cali.org    773-332-7508
> > _______________________________________________
> > You are currently subscribed to teknoids as: ben.chapman at emory.edu.
> > To unsubscribe send a blank email to teknoids-
> leave at ruckus.law.cornell.edu
> > --
> > See the web interface at
> http://ruckus.law.cornell.edu/mailman/listinfo/teknoids to get your list
> password, unsubscribe, and view your list settings.
> 
> 
> --
> Ben Chapman
> 404-727-6948
> ben.chapman at emory.edu
> 
> 
> 
> 
> 
> This e-mail message (including any attachments) is for the sole use of
> the intended recipient(s) and may contain confidential and privileged
> information.  If the reader of this message is not the intended
> recipient, you are hereby notified that any dissemination, distribution
> or copying of this message (including any attachments) is strictly
> prohibited.
> 
> If you have received this message in error, please contact
> the sender by reply e-mail message and destroy all copies of the
> original message (including attachments).
> _______________________________________________
> You are currently subscribed to teknoids as: tyork at u.washington.edu.
> To unsubscribe send a blank email to teknoids-
> leave at ruckus.law.cornell.edu
> --
> See the web interface at
> http://ruckus.law.cornell.edu/mailman/listinfo/teknoids to get your list
> password, unsubscribe, and view your list settings.


More information about the Teknoids mailing list