Where do you store passwords ?

damjo · 2018-09-06T09:52:35.000Z

Hi All,

Just a quick one, where do you guys tend to store passwords or how do you store them, i know the question itself is insecure so dont be specific lol

Just trying to see if there are better/safer way of doing it for sys admins

scottbrindley · 2018-09-06T09:57:33.000Z

Password safe or you could use a spreadsheet with a password to prevent access to it.

Colts · 2018-09-06T09:57:36.000Z

On a post-it under my keyboard of course!

Colts · 2018-09-06T09:59:04.000Z

In all seriousness… have it documented hard-copy, and locked in a safe, just in case.

Electronic versions of password lists, IMHO, are never safe.

davidr4 · 2018-09-06T10:10:46.000Z

We use an on-premise install of PasswordState. It has full auditing and 2FA.

rogenellmojado2 · 2018-09-06T10:14:38.000Z

+1 for Lastpass !

erik · 2018-09-06T10:16:06.000Z

Shared Keypass database on a file share.

loadtoad462 · 2018-09-06T10:21:35.000Z

I use LastPass and have a copy printed in my firebox.

bloodwolfmerlin3541 · 2018-09-06T10:31:12.000Z

Have used keepass at my last place and it worked well.

rytiskavaliauskas · 2018-09-06T10:31:34.000Z

True Key by Mcafee. Also use a spreadsheet encrypted with a password, and archived with an additional password. As excel only is cracked too easily…

maxsec · 2018-09-06T10:35:52.000Z

Password safe

zachkoppolin · 2018-09-06T10:36:42.000Z

Encrypted off network

bryanscott5 · 2018-09-06T10:38:30.000Z

scottbrindley:

Password safe or you could use a spreadsheet with a password to prevent access to it.

Idk man, spreadsheet passwords are pretty darn easy to crack. We use an enterprise account with LastPass to share that kind of data between IT admins. I’m not saying that in itself doesn’t come with it’s own host of risks, but I just know someone asked me to crack a spreadsheet password once and there was no shortage of tutorials online showing me how. ¯_(ツ)_/¯

donnysaengkio4720 · 2018-09-06T10:39:24.000Z

Used sysPass at my old job and it worked great.

Might be going with that here or Password Vault Manager by Devolutions or whatever is included with their Remote Desktop Manager app.

inkmaster · 2018-09-06T10:40:09.000Z

LastPass Enterprise with MFA.

bryandoe · 2018-09-06T10:44:25.000Z

KeePass.

spiceuser-8khhe · 2018-09-06T11:03:29.000Z

Password Safe (Mateso) for Enterprise and KeePass for personal use

dbeato · 2018-09-06T11:04:27.000Z

We use Bitwarden and 1Password.

Carl-Holzhauer · 2018-09-06T11:08:40.000Z

Team Password Manager. Free for 2 people

Jrx1216 · 2018-09-06T11:15:41.000Z

Tryin’ ta get me to give up me treasure?!?

We use an application called PWsafe. Well… some of us do. I was told not to install it because we were going to be getting a new solution, I installed it anyways… That was like 4 months ago and no new solution yet. It seems to be reasonably secure from what I can tell, as long as you use a proper passphrase with it. It also has support for my Yubikey, so that’s a nice bonus.

I haven’t really done any testing against it, but for what I’m using it for, I believe it’s good enough. My important passwords are all locked up in my brain.