InstantForum.NET v2.9.0SQLServerCentralhttp://www.sqlservercentral.com/Forums/notifications@sqlservercentral.comWed, 22 May 2013 21:02:17 GMT20http://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxWe use KeePass - an OSI certified password safe application (http://keepass.info).Sun, 07 Nov 2010 08:56:53 GMTjohn barnetthttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxAnother vote for Password Safe. There is also a Portable Apps version meaning if you copy the electronic files off like Steve indicates, you just have to a USB key with the app and you don't have to install anything to get access to those files. Perfect for DR situations.Wed, 30 Jan 2008 14:08:34 GMTK. Brian Kelleyhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxWe have an in house developed program that lets users check passwords in and out for privileged ID's. The program lets you select the ID, then you click Check Out and the password is displayed. A support ticket number and explanation for the use fo the ID are required, and appear in control reports at month end. Once use of the ID is finished, the user selects the ID in the app, then clicks on Check In. the app then uses the Active Directory API to change the password for the ID to a new random value. Works very well.Wed, 30 Jan 2008 13:51:56 GMTRoss McMickenhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxwe use phpchain, now called PasswordChain. it's great for keeping all our password info. we have a group account for common password stuff (i.e., SQL passwords, server login passwords, common app passwords, etc.). then we each have individual accounts so we can keep our own stuff separate. we love it. [url=http://sourceforge.net/projects/phpchain]http://sourceforge.net/projects/phpchain[/url]Wed, 30 Jan 2008 06:35:20 GMTK D Antonaccihttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxFirst of all, you need to comply with site standards. Many sites classify passwords for service accounts, etc, as Type 1 data (your Security team will tell you what Type 1 means). Breaches of handling policy for Type 1 data normally result in disiplinary action. One method I have seen that complies with Type 1 handling policies is an encrypted Word document. Recent versions of Word support 128-bit encryption. In Word, go to Tools -> Options. Click the Security tab, then the Advanced button. Select your desired encryption method (your site may have a mandate on what should be used), and set the key length to 128. This allows you to share the passphrase needed to open the document within the DBA team, and to change the passphrase at regular intervals. It can be cheaper and easier to user than some other methods.Wed, 30 Jan 2008 04:00:10 GMTEdVassiehttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxHey, what other use have you people found for that whiteboard?[size="1"]ouch - I was just kidding[/size]Tue, 29 Jan 2008 09:52:17 GMTEwan Hampsonhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxPassword Safe here. I''ve done the envelope thing and given it to a non-technical person, like the CFO or director.However these days I'd copy the PWDSafe files and put them on a flash drive and give that to the person for safekeeping.Tue, 29 Jan 2008 08:37:28 GMTSteve Jones - SSC Editorhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspx[quote][b]Joe Clifford (1/29/2008)[/b][hr]Write it down, put it in a labeled signed dated envelope (2 sigs required) and put it in the safe. [/quote]I agree with Joe... whatever you use to store the passwords electronically, always keep a safe physical copy of your password list... you never know when you might need it ;)DavidTue, 29 Jan 2008 07:48:35 GMTDavidSimpsonhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxWrite it down, put it in a labeled signed dated envelope (2 sigs required) and put it in the safe. That way when you get hit by a truck nobody has to try to crack your password safe...There are also some neat appliances that will provide you or other admins with one time passwords for access to resources based on AD group membership - you need a key/password it gives you the current password, your time is up/ticket expires and the password is automatically changed. A little scary in some regards but a pretty neat idea.JoeTue, 29 Jan 2008 00:54:06 GMTJoe Cliffordhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxI use Password Safe. http://passwordsafe.sourceforge.net/DavidMon, 28 Jan 2008 08:47:15 GMTDavidSimpsonhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxI actually wrote my own that I'll be putting on the market fairly soon.Fri, 25 Jan 2008 16:39:21 GMTKenpoDBAhttp://www.sqlservercentral.com/Forums/Topic447834-359-1.aspxHow do you store your passwords to service accounts, sql users, etc?We have a rather non-secure way of storing ours currently and are looking for a better solution. I've seen a few products that do it for you, but was curious what others are doing.Thanks,JasonFri, 25 Jan 2008 14:43:21 GMTJason Shadonix