39
15
I often need to get passwords from clients for FTP, SSH, MySQL, Authorize.net, etc.
What's an easy way for them to send me passwords securely? Maybe even without them needing a login/password?
Encrypted IM sessions are a hassle to set up with non-techies. Phone calls break up my concentration and require arranging. (Are VOIP calls secure, anyway?)
Ideal: An easy way for non-tech-savvy people to send encrypted email. PGP/GPG doesn't cut it, unless Outlook has some super-easy built-in wizard. (You never know...?)
Good: A web-based secure message system (hopefully in PHP) that I could host and run over SSL. I haven't been able to find anything like this.
Maybe I'm asking the wrong thing or the wrong way. Any suggestions are appreciated!
"What's an easy way for them to send me passwords securely"? Pick up the phone store it encrypted on an offline machine. Then the only threat requires a physical presence – Dave – 2015-09-27T05:21:07.673
1
There is also https://onetimesecret.com it is open source and deletes the the password after it was viewed. So if you can see it no one else did.
– PiTheNumber – 2015-10-21T12:48:11.2332Them knowing your password in the first place is a pretty big security issue – Ciaran – 2009-08-11T19:50:17.853
1
Note - this question is a duplicate of http://stackoverflow.com/questions/1262424/how-can-my-clients-easily-send-me-passwords-securely (Adam apparently didn't know about the question migration feature) - if the question is migrated here to superuser, one or the other should be closed as a duplicate.
– bdonlan – 2009-08-11T19:55:57.8734They never know my passwords, but I have to know tons of theirs, being their web developer. – Adam DiCarlo – 2009-08-11T19:56:15.080
1
Related question on ServerFault: http://serverfault.com/questions/61402/web-based-and-encrypted-password-license-etc-database
– Tim Lytle – 2011-08-08T16:43:27.003