Educause Security Discussion mailing list archives
Re: Password Storage
From: Harry Hoffman <hhoffman () IP-SOLUTIONS NET>
Date: Tue, 29 Nov 2016 21:49:33 -0500
Hi Russell, So I'm very curious about your use of Secret Server. We've come up with a way to use LastPass Enterprise to manage credentials in a way that aligns with good controls around authentication, authorization, and password management for both user specific credentials as well as sponsored account/service credentials/privileged credentials. I'd love to see LastPass fill the space that things like Secret Server, Amazon KMS, Cyber Ark do with checking out access to keys/certs. Specifically through standard APIs. Have you folks addressed this within Secret Server? Cheers, Harry On Tue, Nov 29, 2016 at 8:20 PM, Russell Fulton <r.fulton () auckland ac nz> wrote:
We aer another Secret Server shop and have been for many years (since version 1.x ;) Very happy with them. The full blown Enterprise solution is expensive and we use it for IT and other infrastructure stuff. We have integrated it with puppet and use it for automtically managing root creds for all our servers. I personally use Lastpass myself. I have not looked at their free version. Russell On 18 Nov 2016, at 04:05, Taylor Randle <TRandle () PARKER EDU> wrote: We’ve been using Thycotic’s Secret Server for some time and have been happy with it. They have a free version that has a lot of bells and whistles - we were previously using Password Safe so even the free version was a significant step in the right direction. We recently purchased the Professional edition for some additional functionality. Easy to setup – detailed instructions and security focused. The one time I had to interact with support was a pleasant experience. We were still using the free version at the time but the level of support felt as if we were paying customers. Here’s a comparison of their versions: https://thycotic.com/products/secret-server/features/ ~Taylor *Taylor Randle* *Director, Client Services & IT Security* <image005.png> 2540 Walnut Hill Lane, Dallas, TX 75229 T: 214.902.2439 | F: 214.902.2431 trandle () parker edu www.parker.edu | www.parkerseminars.com <image006.png> <http://www.facebook.com/ParkerUniversity> <image007.png> <http://www.youtube.com/ParkerUniversity> <image008.png> <http://www.twitter.com/ParkerUniv> ................................................ *From:* The EDUCAUSE Security Constituent Group Listserv [ mailto:SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>] *On Behalf Of *Kevin Crider *Sent:* Thursday, November 17, 2016 8:58 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Password Storage Does anyone have any recommendations for password storage? We’re evaluating Keeper (which we’ve heard some disparaging things about their support), and Last Pass. Thanks, Kevin -- Kevin Crider Director, Enterprise Systems Skidmore College 815 North Broadway Saratoga Springs, NY 12866 518.580.5929 kcrider () skidmore edu
Current thread:
- Re: Password Storage, (continued)
- Re: Password Storage David Curry (Nov 17)
- Re: Password Storage Thomas Carter (Nov 17)
- Re: Password Storage Taylor Randle (Nov 17)
- Re: Password Storage Garrett Hildebrand (Nov 17)
- Re: Password Storage Taylor Randle (Nov 17)
- Re: Password Storage David Curry (Nov 17)
- Message not available
- Message not available
- Message not available
- Re: Password Storage David Curry (Nov 17)
- Re: Password Storage Brian Griffith (Nov 17)
- Re: Password Storage Russell Fulton (Nov 29)
- Re: Password Storage Harry Hoffman (Nov 29)
- Re: Password Storage Brian Epstein (Nov 17)