Not directly answering the initial question but one wrinkle you'll want to consider is that more and more vendors require two-factor authentication in addition to the username/password. So if you want multiple staff to have access to the vendor account, then they also need access to eg a shared email box that you use as the database account email address. Some but not all vendors will agree to turn off 2FA for your account if you decide the burden of it isn't worth the security benefit.
(The same issue of email access applies to password resets, though at least that's not needed every time you login.)
Deborah
-----Original Message-----
From: Code for Libraries <[log in to unmask]> On Behalf Of Geoffrey Spear
Sent: Tuesday, 12 October 2021 8:57 AM
To: [log in to unmask]
Subject: Re: [CODE4LIB] Database passwords
Caution: This email originated from outside our organisation. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Emily,
We're using a shared folder in LastPass Enterprise (licensed for our entire institution; the library didn't adopt it alone as a solution to this problem, and I have no idea if it would be remotely cost-effective to do
so...) at the moment.
Before our migration to Alma, we had a homegrown ERM system where we stored all of the credentials. In theory it could have hidden the credentials from users with a lower level of privileges but in practice the only users of the ERM system were the same people who needed to share the passwords.
Before creating the ERM system, we had an excel spreadsheet on a novell shared drive.
On Mon, Oct 11, 2021 at 2:25 PM Emily Lynema <[log in to unmask]> wrote:
> I'm curious to survey the community -- has anyone found a way to store
> database administration passwords used by technical services staff
> that is both user-friendly and secure? For example: the passwords to
> configure NC State's various OCLC resources / services / databases.
>
> Feel free to message me directly if you're not comfortable sharing on-list.
>
> thanks!
>
> --
> Emily Lynema
> Head, Information Technology
> North Carolina State University Libraries
> 919-513-8031
> [log in to unmask]
>
________________________________
"The contents of this e-mail (including any attachments) may be confidential and/or subject to copyright. Any unauthorised use, distribution, or copying of the contents is expressly prohibited. If you have received this e-mail in error, please advise the sender by return e-mail or telephone and then delete this e-mail together with all attachments from your system."
|