Comments on: How Do You Store FTP Login Information For Your Clients?

By: Impel GD

Impel GD — Tue, 24 Mar 2009 14:45:32 +0000

@Mr. Secure: I use Dropbox, but only with my encrypted KeePass database. Even if somebody at Dropbox decided they wanted to open it, they would have to get around 128-bit block cipher (256bit key) AES encryption, with over a million key encryption rounds, which KeePass is set to use. The US Government has declared this is fit to protect “TOP SECRET” information – I’m reasonably certain this isn’t going to be broken by a rogue Dropbox employee or anyone else. KeePass is open source.

If you want to try Dropbox, get an additional 250MB by using this linkie: https://www.getdropbox.com/referrals/NTE4MzA4NTk

With KeePass, and optionally Dropbox, you are in control of where and how your data is stored.

By: Mr. Secure

Mr. Secure — Tue, 24 Mar 2009 13:57:24 +0000

@dropbox / passpack users:
You store the critical login data of your customers in an online database of a third party company?!?!??

Serverskine looks nice to me, but seems to be mac only :( Does anyone know a similar alternative for windows/linux, or even better web based? (wich means open source web app, to install on my own lan internal webserver)

By: Impel GD

Impel GD — Thu, 19 Mar 2009 15:11:51 +0000

Blank A4 paper? :S What happens if there’s a fire or if someone breaks in?

By: Anonymous

Anonymous — Mon, 16 Mar 2009 22:11:28 +0000

I use blank A4 paper for every klient I have. I keep all ftp, database and hosting account informations on paper. And it works for me.

By: cooperx

cooperx — Thu, 12 Mar 2009 21:53:32 +0000

I use the corporate sharepoint at work where it is backed up daily and subject to the same disaster recovery planning as our financial system so Im pretty happy with that.

I would suggest using something such as google docs, backpack or similar.

Because its not just passwords you need to keep nice and secure but also those contract documents, license files, and so on and so on.

These services are also nice and searchable which makes it so much simpler once you get up to a few hundred items

By: kai920

kai920 — Thu, 12 Mar 2009 05:32:07 +0000

Dropbox came in very handy when I accidentally corrupted the Keepass database file by accessing it simultaneously from 2 computers. Thank god dropbox automatically stores all revisions of a file, so after a couple clicks I was able to restore to the last known working copy! I still need to investigate how to best access the keepass file when I am away from my own computers... thinking I can check out the Windows Mobile version and then keep the .kdb file synced to my phone somehow. PS. Here's my dropbox referral link in case anyone wants to try it out: dropbox (we both get an additional 250MB storage for free if you use this link)

By: AppBeacon

AppBeacon — Wed, 11 Mar 2009 17:44:23 +0000

@Tara Kelly : I apologize for my last response. I should have read farther. PassPack also has a desktop client. http://www.passpack.com/en/products/passpack_desktop.php

I’d suggest you make that feature a bit more prominent on your site. People (like me) see “Online” and run away screaming without looking any further.

By: AppBeacon

AppBeacon — Wed, 11 Mar 2009 17:39:46 +0000

@Tara Kelly RE : PassPack : An online password management system isn’t very useful when you’re at Starbucks and need your TMobile account password to get logged in so that you can access the internet.

By: Alyssa Gregory

Alyssa Gregory — Mon, 09 Mar 2009 11:57:55 +0000

Wow, KeePass and Dropbox seem like the overwhelming favorite. And http://www.serverskine.com recommended by @dev_cw looks interesting, too. Great info!

By: Tara Kelly

Tara Kelly — Mon, 09 Mar 2009 11:01:08 +0000

You’ll want to use a password manager for this information.

Try Passpack – http://passpack.com

Many have commented about Keepass + dropbox… essentially Passpack achieves this automatically. It’s native online storage for passwords, and it’s built specifically for protecting critical information over the internet.

Whatever you do – text files and spreadsheet are not enough. Just think what would happen if all your client’s FTP info got stolen at once. How would you explain that to your clients?

[disclosure, I'm a founding partner at Passpack - let me know if you have questions!]