On Tue, Oct 08, 2013 at 12:53:59PM -0700, Josh Andler wrote:
Hey all,
So, there are some instances where we have accounts on sites like twitter or deviantart where I or someone else may be the only person who has the password.
Yeah, I've got passwords for mailing lists as well.
How do we want to go about centralizing, securing, yet sharing this info with those who need it?
There must be a best practice; we're hardly the only FOSS project needing to manage passwords. Anyone seen how other projects handle it?
Also, in the case of Twitter, since Conservancy had to provide the legal information to Twitter for us to get control of that account, a conservancy address is the password recovery mechanism. Personally, I actually like the feel of that. It seems appropriate that they serve in that protective role IMHO.
What are people's thoughts on this subject?
Seems sensible. Have you talked with them about this?
Bryce