[TYPO3-english] Password management advice

Oliver Salzburg oliver.salzburg at googlemail.com
Tue Feb 7 14:25:03 CET 2012


Hello Rik,

my opinion is that, yes, you would have to delete every one of those
200 accounts one-by-one.

I assume you build these sites for your clients. So by forcing a
non-default authentication mechanism on the client just to solve your
in-house account management issue, you're making life worse for your
client.

Let's say you move all sites to an LDAP-based authentication mechanism.
Given that you worry about your own user accounts, it would be logical
that your company hosts the LDAP server. Now all authorization for all
websites you've built for your clients needs to go through your server.

That might be desirable if you're going for the tightest lock-in for
your clients, but they might not appreciate those efforts ;)

I would recommend spending a day or two hacking together a solution
that can SSH into all the sites of all your clients and add/remove
user accounts from the local database.

Cheers
Oliver

On 2012-02-07 13:55, Rik Willems wrote:
> Hi Oliver,
> 
> I've seen this one. It does solve the password distribution but not the
> management part of the user accounts.
> 
> When you run 200 websites you don't want to remove a user in each
> installation when one of your employees leaves. How do other companies
> manage this?
> 
> Cheers! Rik
> 
> 
> 
> On 7-2-2012 11:35, Oliver Salzburg wrote:
>> On 2012-02-07 10:12, Rik Willems wrote:
>>> Hi all,
>>>
>>> I'm looking for some password management advice. How are you all
>>> handling this situation?
>>>
>>> Say, you work on a lot of TYPO3 (and perhaps Magento as well) projects
>>> with your team. Does everybody use his own username/password? How do you
>>> manage changes in your team? Do you go through all projects and delete a
>>> user, or change a master password?
>>>
>>> Do you have other solutions to a central login system to all your
>>> projects for project members? LDAP server perhaps?
>>>
>>> Looking forward to your thoughts.
>>>
>>> Cheers! Rik
>>
>> I use KeePass (http://keepass.info) and create a new database entry for
>> every new site (both FE and BE). The login forms are later identified
>> by the title of the browser window (so to speak) and I log in with the
>> press of a hotkey.
>>
>> Besides that, I would never share user accounts with anyone. Doing so
>> has many negative implications that are just unnecessary. TYPO3 user
>> accounts are cheap to create, do so.
>>
>> Cheers
>> Oliver
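
Added example, not part of the original messages: a sketch of the "SSH into all the sites and remove the account from the local database" approach suggested above, for offboarding one backend user. The inventory format, host names, database names, the sample username and the reliance on key-based SSH plus a per-host ~/.my.cnf are assumptions; it prints a plan by default and only connects when called with "run".

```shell
#!/bin/sh
# Added example (not from the thread): disable one TYPO3 backend user on many sites.
# Assumed: inventory lines of "ssh_target db_name", key-based SSH, and a
# ~/.my.cnf on each host so the mysql client needs no password on the command line.

# Constructed sample inventory.
SAMPLE_INVENTORY='deploy@site-a.example typo3_site_a
# comment and blank lines are skipped

deploy@site-b.example typo3_site_b
deploy@site-c.example typo3_site_c'

# Allow only a conservative character set, so a name can never change the
# meaning of the SQL statement or of the remote shell command.
safe_name() {
  case "$1" in
    ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
  esac
}

# SQL that disables (rather than deletes) the account, keeping its history.
disable_sql() {
  safe_name "$1" || return 1
  printf "UPDATE be_users SET disable=1 WHERE username='%s';" "$1"
}

# offboard USER INVENTORY [run]: prints the plan unless "run" is given.
offboard() {
  ob_sql=$(disable_sql "$1") || { echo "invalid username" >&2; return 2; }
  ob_mode=${3:-dry-run}
  while read -r ob_target ob_db ob_rest; do
    case "$ob_target" in ''|'#'*) continue ;; esac
    case "$ob_target" in -*) echo "SKIP $ob_target" >&2; continue ;; esac
    safe_name "$ob_db" || { echo "SKIP $ob_target (bad db name)" >&2; continue; }
    if [ "$ob_mode" = run ]; then
      # -n stops ssh from consuming the rest of the inventory on stdin.
      ssh -n -o BatchMode=yes "$ob_target" "mysql -e \"$ob_sql\" $ob_db" \
        || echo "FAILED $ob_target" >&2
    else
      printf '%s\t%s\t%s\n' "$ob_target" "$ob_db" "$ob_sql"
    fi
  done <<EOF
$2
EOF
}
```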

