How to manage passwords, access credentials, and sensitive data, even in teams, between collaborators of the same professional studio or the same company. Passwords are impossible to remember. The most skilled can remember a few, mainly when they are typed habitually, but things get complicated when there are dozens of access credentials to manage.
Some people write down passwords in diaries: if they were always kept in a safe place, it could be a sensible solution. However, this is an anachronistic approach and, in many cases, even dangerous. The diary can easily be stolen, lost, or destroyed, with all the (serious) consequences that would ensue. For those who ” play alone, ” a tool like the excellent Keepass software remains the best solution.
Keepass is not only free software (distributed under the GNU GPL license) but has become, for years, a natural “ecosystem.” Born as software for Windows systems, Keepass boasts many forks, some successful, others less so. In the article Password management: how to do it safely we addressed the issue of managing passwords and credentials in general, while in the following Android password management: how to do it, we presented the excellent Keepass2Android to access your passwords from Android devices.
On Windows, you can also use the KeePassRPC plugin so that the browser is automatically made to dialogue with KeePass. It is possible to automatically fill in the fields for login with username and password. On macOS (but also on Linux and Windows), you can use the KeePass fork. The problem is always: if these solutions are perfect for a single device (the login credentials are stored in an encrypted file), how can you access them from multiple devices?
You can share your password file through a cloud storage service like Google Drive, Microsoft OneDrive, or Dropbox. But most (as we do, on the other hand) will turn up their noses (at least you can store them in an encrypted volume with well-known tools such as VeraCrypt or Cryptomator ).
Alternatively, you can set up a VPN server in the office or at home and access the Keepass password database stored in a shared folder locally protected with a username and password (any app that supports the SMB protocol can be used from mobile devices). But what if you were looking for a more professional solution to share access credentials within the work team?
Psono, To Share Passwords, Login Credentials, And Other Sensitive Data Between Collaborators
Psono is an excellent option for open-source enterprise password management software. Also available on the cloud (but we have a specific allergy to solutions that allow you to store credentials on the cloud…), Psono is also offered as an on-premise package: companies can install it within their infrastructure and provide access safely from a distance. The Psono source code is publicly available at this address and is released under the Apache 2.0 license.
In addition to sharing passwords, Psono allows you to manage files and folders with sensitive content. Accessible through a convenient web interface, Psono provides practical extensions for Google Chrome and Mozilla Firefox to interface directly with the login forms. The list of Psono features is endless, which can be consulted on this page.
If installed on your server (you can try Psono or use it permanently, even from a virtual machine), the Community Edition can be used without limitation, not even in the number of users. The beauty of Psono is that to strengthen the security of the system further, the platform also supports two or more factor authentication with Google Authenticator, Duo ( Two-factor authentication: how to extend it to professional use services ), and Yubikey key ( Security account, how to improve it with FIDO2 keys ): click on Account and then on Multi-factor authentication.
For example, we configured access with username and password plus Google Authenticator key (install the app on a mobile device authorized to generate access codes) in just 3 minutes. You will be presented with a step-by-step procedure for the Psono setup wizard, starting by asking which version you wish to install. We recommend typing CE to try the Community Edition without any limitations. The following steps allow you to confirm the ports on which the Psono server will listen, the name of the database, its password, and so on.
A digital certificate will also be generated using the HTTPS protocol to allow all data to transit.
Psono will create three users by default: the administrator ( admin ) and two “demo” users with “standard” passwords. By logging in, you will immediately need to change the administrator password by choosing a solid one and activating multi-factor authentication.
By adding /portal to the Psono server URL, you will access the administrative panel, which helps manage user accounts authorized to log in. By installing the Psono browser extension, every time you log in to a web page, you will be asked if you want to memorize your credentials (if you haven’t already done so) to retrieve them later quickly.
By avoiding exposing the Psono server on a public IP and, for example, connecting remotely via VPN, it will be possible to manage credentials, passwords, and other sensitive data in total security, from any device and even in teams.
ALSO READ: What Are The Primary Forms Of Cyber Threats?