Am 22.08.2018 um 17:32 schrieb Mark Thomas:
On 22/08/18 16:21, Rich Bowen wrote:
Yes. Infra has shared password infrastructure. I don't know what
specific tool they use, but as I understand it, it's available to a
wider audience.
Put the password in a text file in the PMC's private svn area. And
change the mime type to a binary type so you don't get diffs to the
private@ mailing list.
If you want to go the extra mile you can encrypt that file to the PMC
members' private keys (I've never bothered with this step).
Though I never used it, I think https://www.passwordstore.org/ would be a
solution that takes this route and is freely avaliable.
Felix
Infra uses LastPass but the associated costs ($48 per user per year)
strike me as excessive for the sort of stuff we are generally talking about.
Mark
Asking for someone from that team to pipe up here.
On 08/22/2018 10:46 AM, Myrle Krantz wrote:
Hey all,
We just recently had a GSoC intern create an email account for the
purpose of testing a component which sends email notifications to
customers. The account should belong to the project. Currently I've
encouraged him to put the password in a private confluence page. I
feel a uncomfortable with that approach.
Does anyone else have any experience in doing shared password
management at an Apache project? Does Apache have a LastPass or
1Password account(s) for projects/teams? How have you handled
situations like this?
Best Regards,
Myrle
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@community.apache.org
For additional commands, e-mail: dev-h...@community.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@community.apache.org
For additional commands, e-mail: dev-h...@community.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@community.apache.org
For additional commands, e-mail: dev-h...@community.apache.org
