On 22 Dec 2008, at 22:31, Ted Husted wrote:
In the course of working on various development projects for various
clients, it's not uncommon to need to store a number of account
credentials that need to be shared with various members of a team.
One product I've used is Password Saver <http://www.pwdsaver.com/>.
It's a decent product, but its not multiuser, and sometimes we step
on each other.
I was wondering if anyone can recommend a program like Password
Saver, with multiuser features. We'd be most interested in a product
that is PCI Security Standards complaint, with audit features.
Aside from COTS, I was wondering if there are other equally
effective solutions that team use. For example, storing the
credentials for a project in a secure SCM repository, parallel with
the code.
I've found that using something like Bruce Sneiders' pwsafe within SVN
works well. And if your SVN uses something like an x509 xs control
with a layer of trapdoor audit logging around it - it is fairly easy
to meet PCI.
Dw
---------------------------------------------------------------------
To unsubscribe, e-mail: community-unsubscr...@apache.org
For additional commands, e-mail: community-h...@apache.org