Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Other Do you store client login information?

  • This topic is empty.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • November 13, 2012 at 4:40 pm #40784
    JoshWhite
    Member

    I’ve read a number of posts about how one should never, EVER keep client login credentials. Personally, on at least several clients, I’ve broken this rule.

    The reason I broke this rule is that in the beginning I realized how unorganized clients were, and 9 out to 10 times they never kept their passwords handy so we had to reset them every time. But over time I’m realizing that I have quite a few in one place if anyone ever got a hold of it, they could do some harm.

    I’ve since moved everything to local files that have their own passwords. The only problem here is if I’m out and about and I end up needing the information, I can’t access it. I then thought maybe I would store that protected file in a my dropbox account that has 2 step verification. So then at least 3 layers of security need to be breached to get to it.

    At the end of the day though, I still end up with usernames and passwords.

    So I’m curious how other people handle this. Is the best practice to suck it up and make clients store their own information? Or are there some all-but-foolproof methods that I’m not thinking of?

    November 13, 2012 at 4:46 pm #114234
    chrisburton
    Participant

    I think Dropbox is a safe approach. I mean, there’s always a way to breach security, right? So another thing you could do is put the login credentials in a password protected zip file. Or put the credentials on a external Hard Drive and hide the zip folder.

    November 13, 2012 at 4:50 pm #114236
    TheDoc
    Member

    I do.

    I use 1Password.

    November 13, 2012 at 5:25 pm #114243
    chrisburton
    Participant

    @andy_unleash Haha. Obvious but great advice.

    November 13, 2012 at 5:45 pm #114244
    joshuanhibbert
    Member

    I keep hand written copies while I’m working with the client, and then dispose of them accordingly.

    November 13, 2012 at 5:53 pm #114247
    joshuanhibbert
    Member

    @andy_unleash Oh, I eat it.

    Shredding.

    November 13, 2012 at 10:33 pm #114271
    chrisburton
    Participant

    @JoshWhite Read this (third paragraph). Dropbox might be introducing something that has to do with passwords.

    November 14, 2012 at 7:21 pm #114393
    __
    Participant

    @JoshWhite

    Yeah, I know there are many, far more “mobile” people than me. And I completely agree about not carrying an open file around on a laptop. Encryption might help you there.

    If I were to store such information remotely, I’d put it on a machine I own (or at least control), where the only access would be via ssh. I avoid things like Dropbox – I don’t trust them – but I’ll admit that it’s mostly a personal aversion.

  • Author
    Posts
Viewing 8 posts - 1 through 8 (of 8 total)
  • The forum ‘Other’ is closed to new topics and replies.