On Tue, Oct 08, 2013 at 12:53:59PM -0700, Josh Andler wrote:
So, there are some instances where we have accounts on sites like
twitter or deviantart where I or someone else may be the only person
who has the password.
Yeah, I've got passwords for mailing lists as well.
How do we want to go about centralizing, securing, yet sharing this
info with those who need it?
There must be a best practice; we're hardly the only FOSS project
needing to manage passwords. Anyone seen how other projects handle it?
Also, in the case of Twitter, since Conservancy had to provide the
legal information to Twitter for us to get control of that account, a
conservancy address is the password recovery mechanism. Personally, I
actually like the feel of that. It seems appropriate that they serve
in that protective role IMHO.
What are people's thoughts on this subject?
Seems sensible. Have you talked with them about this?