Passwords manager

up to you... Unless you would like someone to set a deadline? ;)

super, honestly sounds great! Callumn made some good points about safety and data privacy. This might be a fantastic first step towards improving that situation. Muchos gracios!

?!
where do I store new KB related passwords now?

you download last pass
the user is Admin@kiezburn.org - txt me for the pass

ok, so how do I store a password in the official kiez burn password manager?
and how do I retrieve one?

also sweetie, can you use the "reply" function?

That makes a lot more sense... and no - none taken. It was something I’d bounced in a previous reply (different service - same idea) so was surprised we’d go down this path again.
I’m trying to drive us away from the notion that we do it all ourselves, as seems to be a tendency for developer types since the beginning of time.

hey honey @bandit - could you use the "reply to comment" function? I have no idea who you're answering here

So we just decided to purchase Lastpass :) and updated the description. For password info: ask Henrik :)

@bandit I edited the thread to have the conclusion of the password discussion. If anything missing (like how peeps can contact you), feel free to edit the thread.

Cool! Thanks so much for the work that has been put in, both discussing it and actually doing it :D
So do I have to log out of my lastpass instant and then log into the kiez burn lastpass account? Or can I add Kiez Burn as a profile?

:D
what are you referring to? my post clearly states that I'm fine with lastpass. migrating is an option we have in the future, this is the rest of the post. I did't say we should do it but I brought it up as an option. no offence

Why would we do that?
This makes no sense to me at all. The whole point of having spent the time setting up last pass was so we had one distributable source for Adminstrators of Kiezburn areas, this allowing us to rotate passwords with regular ease and and keep peoples data safe. Now we have it; you want to set up and run something else? Not only that; you want to run a self’s hosted instance of the code, with all the testing overhead, etcetc. Which effectively locks us Into a long term selfhosting and maintenance agreements with a volunteer organisation.
Strategically this is a bad idea.

Just coz we can self host does not mean we should. And if we can pay for effective managed services, it would make more sense to run these in the short term in order to test the longevity of our IT ecosystem.

Surely there are larger problems to solve than ones that have already been solved?

I also like lastpass and used it for years. Also we would not have to care for maintenance. I'll soon get an instance of passit.io running for testing purposes so we could use that too as soon as it is running stable.

i really like lastpass too. In terms of retrieving passwords it is also very easy to build user groups to share specific passwords with

Henrick this is one thread about a single topic. I do reply in context when it makes sense to.

IRT: go to lastpass, get the extension; login.

It then gives you the option to auto record and auto use any saved passwords

the work is done. I have transferred all the passwords. LastPass is reliable. it costs virtually nothing a year - 36USD is worth the investment. In fact as we have a family account with 3 spare user I'll gift KB one of ours. I will be paying for this longterm and will notify you when and if we change

Seriously - we don't need to self host everything and it's an anti pattern for an organisation as transient as a burn.

Hey, I just found this open source self hosted simplistic team oriented bazingary password manager: https://www.passbolt.com/

It's basically LastPass / 1Password & co without the overhead cost per user

OMG finally done :-). I have a new password manager with all main services google account + soho mail serve. also includes Mailchimp.

to not have the password in plain text please get in touch through telegram for main password sharing :-)

I’ll start the exercise on Tuesday night - will report back by Thursday

cool I'll start it off - what our time box for this? I have a bunch of non work stuff to do so won't be able to get to it until the weekend

I can as I think I have a majority of our passwords
something we could consider - segregating for core vs event needs.
like, event stuff doesn't need access to the bank accounts for example
but having a good strong pass across admin level access would make sense.
I would be happy to start a mind map and get community collaboration for what should go where

Great, let's do it. I am happy to help with pointing to where we store the passwords, but maybe someone could take charge of the topic?

Get a lastpass account.