Searching \ for '[EE] Password manager for multi-user environment' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/language/index.htm?key=environ
Search entire site for: 'Password manager for multi-user environment'.

Exact match. Not showing close matches.
PICList Thread
'[EE] Password manager for multi-user environment'
2008\07\04@041925 by Vitaliy

flavicon
face
It all started with a handful of passwords. We put the logins in a
spreadsheet, and put the spreadsheet in an encrypted archive in a restricted
directory on the server. Six years later, we ended up with hundreds of
logins for more than a dozen of users.

Recently some of the logins were separated and saved in a separate archive,
and saved in a different share (accessible by a different user group).
Unfortunately, it seems that doing things this way will eventually make the
system unusable.

So, here's a list of requirements for the password manager:

- Has to be reasonably secure (since very sensitive passwords may be stored
there).

- Must have support for multiple users and user groups. In other words, Jane
Doe has her own personal login for the password manager. She belongs to the
groups "Sales" and "Purchasing", and has access to passwords that her groups
has access to, and (optionally) additional passwords that are individually
assigned to her.

- There has to be a mechanism that prevents data loss when two users update
the password database simultaneously.

- Password DB must be stored in a shared location (on the local file
server). Preferably in a way that prevents direct access to those files, and
only allows users to access the information through the password manager's
interface.

- The interface must allow the user to look up the needed password in a
matter of seconds (minimum number of clicks).

- Support for categories ("finances", "alarm pins", "system administration",
"websites") would be nice, and maybe a search function, too

- Need not be free or cheap.


I have found many password managers on the Net, however I would really like
to hear from people who have actually used one.

Thank you in advance.

Vitaliy

2008\07\04@044636 by Alan B. Pearce

face picon face
>- Must have support for multiple users and user groups. In other words,
>Jane
>Doe has her own personal login for the password manager. She belongs to the
>groups "Sales" and "Purchasing", and has access to passwords that her
>groups
>has access to, and (optionally) additional passwords that are individually
>assigned to her.

You don't say just how these passwords are used, but this sounds like
exactly the sort of environment that a properly set up Windows NT Server
system will give you.

2008\07\04@050115 by Vitaliy

flavicon
face
Alan B. Pearce wrote:
> >- Must have support for multiple users and user groups. In other words,
>>Jane
>>Doe has her own personal login for the password manager. She belongs to
>>the
>>groups "Sales" and "Purchasing", and has access to passwords that her
>>groups
>>has access to, and (optionally) additional passwords that are individually
>>assigned to her.
>
> You don't say just how these passwords are used, but this sounds like
> exactly the sort of environment that a properly set up Windows NT Server
> system will give you.

I'm talking about Amazon, eBay, store backend, Digikey, bank accounts, alarm
system, PayPal, etc logins for various staff members and groups. Does it
make sense?

Vitaliy

2008\07\04@054508 by Tamas Rudnai

face picon face
Hi Vitaliy,

I use Password Safe, which is open source. It can open a database using an
unlock password, so you can store that database on a shared folder in your
network environment or you can make a copy to a laptop to carry the database
with you etc. You can have multiple databases, so one for the company, one
for each department, one for each person etc.

http://passwordsafe.sourceforge.net/index.shtml

Tamas





On Fri, Jul 4, 2008 at 9:59 AM, Vitaliy <spam_OUTspamTakeThisOuTspammaksimov.org> wrote:

{Quote hidden}

> -

2008\07\04@060150 by Alan B. Pearce

face picon face
>I'm talking about Amazon, eBay, store backend, Digikey, bank accounts,
>alarm system, PayPal, etc logins for various staff members and groups.
>Does it make sense?

OK, how about storing them in password protected ZIP files, with a decent
length password. I believe these are reasonably difficult to crack. Each
category goes in a different ZIP file.

2008\07\04@070425 by Gerhard Fiedler

picon face
Vitaliy wrote:

> It all started with a handful of passwords. We put the logins in a
> spreadsheet, and put the spreadsheet in an encrypted archive in a restricted
> directory on the server. Six years later, we ended up with hundreds of
> logins for more than a dozen of users.
>
> Recently some of the logins were separated and saved in a separate archive,
> and saved in a different share (accessible by a different user group).
> Unfortunately, it seems that doing things this way will eventually make the
> system unusable.
>
> So, here's a list of requirements for the password manager:
> [...]

I think pretty much any (decent) database would fulfill your requirements.
It really sounds just like a database application :)

Gerhard

2008\07\06@164948 by Vitaliy

flavicon
face
Alan B. Pearce wrote:
> OK, how about storing them in password protected ZIP files, with a decent
> length password. I believe these are reasonably difficult to crack. Each
> category goes in a different ZIP file.

Sounds like you haven't read my original post. :)

Vitaliy

2008\07\06@165359 by Vitaliy

flavicon
face
Gerhard Fiedler wrote:
>> It all started with a handful of passwords. We put the logins in a
>> spreadsheet, and put the spreadsheet in an encrypted archive in a
>> restricted
>> directory on the server. Six years later, we ended up with hundreds of
>> logins for more than a dozen of users.
>>
>> Recently some of the logins were separated and saved in a separate
>> archive,
>> and saved in a different share (accessible by a different user group).
>> Unfortunately, it seems that doing things this way will eventually make
>> the
>> system unusable.
>>
>> So, here's a list of requirements for the password manager:
>> [...]
>
> I think pretty much any (decent) database would fulfill your requirements.
> It really sounds just like a database application :)

Yes, of course this is something we could write in-house. However, I'm a
believer in off-the-shelf solutions for common problems. I find it
incredible that no one on this list has ever had to manage passwords for
multiple users and accounts.

Vitaliy

2008\07\06@185031 by Richard Prosser

picon face
I was wondering if something like Vss or Subversion could be used.
i.e. a central secure (?)  database, with separate access rights per
user etc? May be completely off line but it seemed a related
requirement.

RP

2008/7/7 Vitaliy <.....spamKILLspamspam@spam@maksimov.org>:
{Quote hidden}

> -

2008\07\06@190229 by Vitaliy

flavicon
face
Richard Prosser wrote:
>I was wondering if something like Vss or Subversion could be used.
> i.e. a central secure (?)  database, with separate access rights per
> user etc? May be completely off line but it seemed a related
> requirement.

May work, but too cumbersome to use for the average user.

Vitaliy


2008\07\06@192239 by Gerhard Fiedler

picon face
Vitaliy wrote:

>> I think pretty much any (decent) database would fulfill your requirements.
>> It really sounds just like a database application :)
>
> Yes, of course this is something we could write in-house. However, I'm a
> believer in off-the-shelf solutions for common problems. I find it
> incredible that no one on this list has ever had to manage passwords for
> multiple users and accounts.

Maybe here's your chance for a product to sell... :)  

Or maybe not... I just searched for "password manager multi user", and it
seems there are a number of products out there already.

Gerhard

2008\07\06@193028 by Vitaliy

flavicon
face
Gerhard Fiedler wrote:
[snip]
> I just searched for "password manager multi user", and it
> seems there are a number of products out there already.

Exactly. There's a boatload of password managers out there.. which one
should I buy? :)

Vitaliy

2008\07\06@220212 by Jake Anderson

flavicon
face
Vitaliy wrote:
> Gerhard Fiedler wrote:
> [snip]
>  
>> I just searched for "password manager multi user", and it
>> seems there are a number of products out there already.
>>    
>
> Exactly. There's a boatload of password managers out there.. which one
> should I buy? :)
>
> Vitaliy
>
>  
An open source one?

There must be a web based one somewhere?

2008\07\07@054311 by Tamas Rudnai

face picon face
> Exactly. There's a boatload of password managers out there.. which one
should I buy? :)

I have tried many non-multi-user, and many offers nice features but when you
try it you discover that is practically not so user friendly or does not
work reliable. I think before you buy (or use if that is free) any password
managers just try it for a month or so, and buy it only when you are happy
with that. Look at it if it allows you to create new fields to store
customized information, if it can fill out forms in web pages, if that is
happened automatically or manually, if it can fill out forms in GUI
applications, and finally but I think most importantly if how easy is to
make backups and restore from backup - especially if that is a multi-user
networked one (like if you can make online and incremental backups).

Tamas



On Mon, Jul 7, 2008 at 12:29 AM, Vitaliy <spamspamKILLspammaksimov.org> wrote:

> Gerhard Fiedler wrote:
> [snip]
> > I just searched for "password manager multi user", and it
> > seems there are a number of products out there already.
>
> Exactly. There's a boatload of password managers out there.. which one
> should I buy? :)
>
> Vitaliy
>
> -

2008\07\07@155641 by Vitaliy

flavicon
face
Tamas Rudnai wrote:
>> Exactly. There's a boatload of password managers out there.. which one
> should I buy? :)
>
> I have tried many non-multi-user, and many offers nice features but when
> you
> try it you discover that is practically not so user friendly or does not
> work reliable. I think before you buy (or use if that is free) any
> password
> managers just try it for a month or so, and buy it only when you are happy
> with that.

I was hoping to avoid the trial-and-error by asking the folks on this list
for their feedback. :)

> Look at it if it allows you to create new fields to store
> customized information, if it can fill out forms in web pages, if that is
> happened automatically or manually, if it can fill out forms in GUI
> applications,

I would put the auto-complete feature in the category of "optional".

> and finally but I think most importantly if how easy is to
> make backups and restore from backup - especially if that is a multi-user
> networked one (like if you can make online and incremental backups).

Not too important, our server is running daily incremental backups as it is.

Maybe Gerhard is right, there is money to be made.

Vitaliy

More... (looser matching)
- Last day of these posts
- In 2008 , 2009 only
- Today
- New search...