Hacker News new | comments | show | ask | jobs | submit login
Ask HN: what do you use for shared PW storage?
4 points by rynop on Nov 26, 2012 | hide | past | web | favorite | 6 comments
What does your team/startup use for secure+encrypted, shared secret info (like PW) storage? I'm looking for something that is role based or has the ability to explicitly give user X access to asset Y. Example I have a pingdom.com l/p that I 3 of my co-workers to be able to use.

I don't mind hosting the tool. I've found https://www.passpack.com/online/ but am hesitant to trust someone else with my sensitive data.

My team uses Passpack, but I found a few self-hosted solutions previously. I didn't test them, though.

TeamPass: A PHP app. Hosted or downloadable. http://www.teampass.net/

WebPasswordSafe: A Java web app. Uses Password Safe databases. https://code.google.com/p/webpasswordsafe/

corporatevault: A Grails web app. http://sourceforge.net/projects/corporatevault/

Clipperz: A JavaScript web app. Hosted or downloadable. Sharing support coming soon. http://www.clipperz.com/support/user_guide/sharing

I would really like to use a hosted solution, but I'm so hesitant to trust them. What got you over that hump? Do they have any sort of agreement in place if they leak you data, or do you sign your rights away at acct creation time?

Curious is there anything you don't you like about passpack?

Also, here's a relevant discussion at Slashdot I had bookmarked:


KeePass + DropBox (soon moving to KeePass + Git due to write access errors with dropbox).

KeePass + SVN

I'm not seeing anything on http://keepass.info/ that says that they can apply roles/permissions on specific passwords. (Grant user1 view access to a particular account/password). How do you do that?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact