[tor-bugs] #29677 [Internal Services/Tor Sysadmin Team]: evaluate password management options
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Mar 7 16:01:47 UTC 2019
#29677: evaluate password management options
-------------------------------------------------+-------------------------
Reporter: anarcat | Owner: tpa
Type: task | Status: assigned
Priority: Low | Milestone:
Component: Internal Services/Tor Sysadmin | Version:
Team |
Severity: Major | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------------------+-------------------------
during the [[org/meetings/2017Montreal/Notes/BusFactor]] session, one of
the things that was discussed was the password management system that is
(was?) stored in SVN. Specifically:
{{{
We need a better password management solution than the one we have in
corporate SVN right now.
We should look over if the password's in this database should be rotated.
Figure out if the passwords for paypal have been rotated by Jon et al and
ensure that it will be put in the password database. We should also look
into the "paypal dongle" or 2-step authentication?
}}}
I have some experience reviewing password managers, so I might be able to
provide some advice here if someone expands on the requirements and
problems with the current approach.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29677>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list