I have a geographically spread team that is using Confluence for our workflow and process recording. Part of the job of the people is to login to various resources and perform certain actions.
My question is, is Confluence secure enough for me to store the credentials for these services? Are there specific ways of handling credentials that I should use in Confluence? Are there other products better suited to managing the credentials for a remote team?
Currently I keep the credentials locally with me and give them out as needed, but it is becoming a management issue, and I need a way where the right people can access what they need without my intervention.
Personally, I would not use Confluence as a password management application. One of the reasons is that the passwords while they may not be acceisble from within the app to unathorized users the data stored in the database is stored in plain text. So, if your database if compomized in any way then there go yourpasswords along with it. I personally tell everyone in our organization that nothing sensitive should go in the wiki. If you need something for sharing passwords there are many products that are designed for this that have auditing built in to them and encrypt the data on the backend.
Do you use templates with Confluence? Take part in a remote 1-hr workshop. You'll receive USD $100 for your time! We're looking for people to participate in a remote 1-hr workshop...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs