

Ask HN: How do startups/small businesses manage passwords and credentials - shash7

I wanted to know how small to medium size businesses manage credentials for different services.
For example, a business may have a facebook page. Who has the password and auth details for that. Also, for hosting and domain information who has all the credentials.
======
benlaud
That is the policy for my previous company:

1\. Avoid sharing password between people. For example, in using Amazon Web
Service, it should use IAM and every admin login with their own account.

2\. Master password (e.g the owner of AWS) and credentails should be kept in a
same place. The information are encrypted by a software called KeepassX and
won't share on the Internet. Ofcoz, backup is still needed.

------
beejhuff
[http://www.bitium.com](http://www.bitium.com) \- can't speak highly enough
about them. $200 / month, unlimited web apps, passwords, users, integration
with any SSO or SAML system as "authenticaltion system of record" and an
unlimited number of others...plus MFA via several options (authy and google
authentication), strict password requirements capabilities though use a
reasonable default. Ability to change all to random values that no one who
uses them can see if you choose, multiple domain support...the ability to
request access to your clients passwords and let THEM manage when it's revoked
really ups both our tech and marketing teams

~~~
shash7
Looks good but is there any way to manage credentials from a small startup's
perspective who can't afford to get paid services like bitium?

