8

As web developers we need to supply sensitive data to the clients. Clients are usually not very good with computers. They can send an email, pick up a phone call or open a webpage. But won't be able to set up PGP in their email client.

What would be a good way to send them their login credentials? Are there any services that can help us with this? It needs to be reasonably simple and reasonably secure (generally more secure then sending in an email).

Problem with most ready-made solutions (Basecamp, Slack) is that they send you an email notification with message contents.

Tomáš Fejfar
  • 289
  • 2
  • 8

5 Answers5

3

Passwords are stored as one-way hashes if done correctly, so you can't send them those. And if you can, make it your top priority to not be able to do so. Password reset workflows through SSL are the way to do that.

For other sensitive data, I'd keep it simple and just require them to log into your system. If not knowing their password is what prevents this, then reset their password through a secure password reset workflow.

Andrew Hoffman
  • 1,987
  • 14
  • 17
2

Send them the username and a link to a "Setup / Reset password" page. The Setup/Reset Password page would ask for the username and some other identifying information (e.g. Phone Number, Zip Code, Client Number, etc). If authenticated, the client then gets to setup a new password for themselves.

As an additional layer of authentication, a confirmation code have to be entered (via SMS) / linked in an email to the client to confirm setting the password. This prevents some outsiders that has knowledge of the identifying information from resetting the password.

KennyC
  • 409
  • 1
  • 3
  • 8
2

Depend on your purpose, I would recommend 2 different approaches:

Sending login credentials

Avoid doing this if possible. If you have no choice, then you should at least try to protect these information on 2 fronts: 1. Protect it from a malicious party from intercepting and read the information and 2. Protect it from an insider threat, e.g. a malicious employee who possibly knows the credentials before they are sent.

To achieve goal #1 without bothering users with complicated encryption setup, I recommend using 2 channels in parallel to send the credentials. You could send the username and the first half of the password in one email, and the other half of the password in an SMS (yes, Twillio is cheap enough). This would significantly reduce the risk of all the sensitive information being read by the bad guy.

Toward goal #2 there are a few best practices I can think of: Generate the password using a strong random value generator, force the user to change their password right after the first login. And let’s not forget that all passwords should be stored as 1-way hashes, using strong password hashing algorithm.

Sending other kinds of sensitive information, such as documents

The following is a simple approach: you could add the document in a zip (or 7zip, which is less popular) file and password-protect it (which effectively encrypts it). You will then send this file as an email attachment to the user. For the password, you send it via SMS. The password is the only thing user needs to get access to the document. There should be APIs that allow you to create those archive files automatically (programmatically). At least I know 7zip has the API and it supports zip format too.

If you take this approach I would recommend zip format as it is more popular and most Operating Systems have native support for it. Just make sure you choose AES rather than the Zip 2.0 as encryption algorithm, because AES is much more secure.

dnang
  • 645
  • 2
  • 6
  • 10
0

Use good old-fashioned snail mail.

For particularly sensitive information you can use additional measures like security envelopes or splitting the information across multiple media (e.g. one third by e-mail, one third by SMS, one third by post).

user7813790
  • 121
  • 3
0

You could send login authentication through sms, then force the user to change the password on first login.

Eplox
  • 11
  • 1