我们在 IT 工作中往往拥有无数的密码,对吧?存储和访问密码的推荐方法是什么?如何让新员工在第一天就能够访问所有必需的密码?当这样的新员工升职时,如何才能 我们授予他们访问所需的额外密码的权限?如果有人离开公司,我们如何才能只更改他们有权访问的合理密码,并最好通知每个有权访问该密码的人密码已更改?有什么最佳实践吗? 有80/20的建议吗? 低垂的果实? 有什么不该做的警告吗?
We tend to have zillions of passwords in IT jobs right?What are the recommended ways to store and give access to passwords?How can a new hire be given access to all required passwords day 1?And when such new hire gets promoted, how can we give access to the additional passwords they will need?And if someone leaves the company, how can we change only the sensible passwords they had access to and preferably notify everyone with access to it that it was changed?Any best practices? Any 80/20 suggestions? Low hanging fruits? Any warnings about what not to do?
We tend to have zillions of passwords in IT jobs right?
What are the recommended ways to store and give access to passwords?
How can a new hire be given access to all required passwords day 1?
And when such new hire gets promoted, how can we give access to the additional passwords they will need?
And if someone leaves the company, how can we change only the sensible passwords they had access to and preferably notify everyone with access to it that it was changed?
Any best practices? Any 80/20 suggestions? Low hanging fruits? Any warnings about what not to do?