1
2
I administrate several Windows servers, and I have run into this "how do I maintain all my passwords" problem.
The servers in question are all stand-alone and distributed all over the world. In other words, they are not connected to a domain and network access to the servers are limited (they are not directly accessible over the internet). I am however able to access all servers from a single gateway server, which have working routes to all these networks.
Currently, I am using the same username and password to access all the servers in addition to using AuthLite (with Yubikeys) as two-factor authentication. However, I would like to change the one-password-fits-all policy by having a separate password on each server. My problem is then how these passwords should be stored centrally.
The simplest way would be to store them in a database (Excel sheets are not an option), but on the other hand, I am not too keen on storing the passwords in plain text. I cannot store them as hashes, because I need to be able to look up what the passwords are whenever I (or someone else) needs them. I'm thinking that a symmetric key password manager like LastPass would be a decent solution, but I need to host this application on a server of my choosing, so that other people are able to access the passwords whenever they are needed.
Can anyone recommend an off the shelf application that might solve my problem, or a method which I could implement myself using a SQL server database and a web based GUI? Ideally, the users who have access to these server passwords should be able to log in to this solution with their own username/password, and then be given access to the passwords I want to protect.
is keypass(download it) sufficient? – barlop – 2013-05-17T09:30:18.420
As a last resort yes, but I am more interested in a client-server model, where multiple users can access an account/repository where these passwords are stored. – v3gard – 2013-05-17T09:52:50.103
@v3gard: In that case the question might be a duplicate of http://superuser.com/questions/595059/password-management-at-an-organization
– Der Hochstapler – 2013-05-17T10:35:37.540