Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Other Do you store client login information?

  • This topic is empty.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #40784
    JoshWhite
    Member

    I’ve read a number of posts about how one should never, EVER keep client login credentials. Personally, on at least several clients, I’ve broken this rule.

    The reason I broke this rule is that in the beginning I realized how unorganized clients were, and 9 out to 10 times they never kept their passwords handy so we had to reset them every time. But over time I’m realizing that I have quite a few in one place if anyone ever got a hold of it, they could do some harm.

    I’ve since moved everything to local files that have their own passwords. The only problem here is if I’m out and about and I end up needing the information, I can’t access it. I then thought maybe I would store that protected file in a my dropbox account that has 2 step verification. So then at least 3 layers of security need to be breached to get to it.

    At the end of the day though, I still end up with usernames and passwords.

    So I’m curious how other people handle this. Is the best practice to suck it up and make clients store their own information? Or are there some all-but-foolproof methods that I’m not thinking of?

    #114234
    chrisburton
    Participant

    I think Dropbox is a safe approach. I mean, there’s always a way to breach security, right? So another thing you could do is put the login credentials in a password protected zip file. Or put the credentials on a external Hard Drive and hide the zip folder.

    #114236
    TheDoc
    Member

    I do.

    I use 1Password.

    #114243
    chrisburton
    Participant

    @andy_unleash Haha. Obvious but great advice.

    #114244

    I keep hand written copies while I’m working with the client, and then dispose of them accordingly.

    #114247

    @andy_unleash Oh, I eat it.

    Shredding.

    #114271
    chrisburton
    Participant

    @JoshWhite Read this (third paragraph). Dropbox might be introducing something that has to do with passwords.

    #114393
    __
    Participant

    @JoshWhite

    Yeah, I know there are many, far more “mobile” people than me. And I completely agree about not carrying an open file around on a laptop. Encryption might help you there.

    If I were to store such information remotely, I’d put it on a machine I own (or at least control), where the only access would be via ssh. I avoid things like Dropbox – I don’t trust them – but I’ll admit that it’s mostly a personal aversion.

Viewing 8 posts - 1 through 8 (of 8 total)
  • The forum ‘Other’ is closed to new topics and replies.