IT Documentation - The Blog

Protect your Passwords by Storing them in a Central Location

June 27, 2014

For security reasons, do not save passwords to files on your network. Ensure a centralised view on and secure access to this information. Otherwise, your corporate IT might be as open as a barn door because nobody can track who has access to what information. Above all, you cannot be absolutely sure that only authorised persons have access to the passwords.

Docusnap provides a secure feature for storing your passwords that uses data encryption. This way, the data is protected on its way from the database to the computers. In addition, it will be stored in encrypted form in the database. This means that the data remains within your company and will not be synchronised to any other location. This is good news because a storage location in the cloud is not suitable for documenting your passwords either.

Enable this feature when creating the database

The password feature can either be enabled during the initial setup in the Docusnap configuration wizard or later in the Options dialog. However, keep in mind the following when using the password feature: you need to ensure the availability and integrity of the encryption file. This file is created when you enable the password feature. The file is unique and cannot be re-created. If the encryption file gets lost for some reason, it is no longer possible to access the stored passwords. For this reason, create multiple backups of this file and keep them in a safe place. If you fail to do this and the encryption file gets lost somehow, you will have a serious problem because nobody can help you in this situation.

Now, you might ask why you should run this risk at all. The answer is simple: it is worth the effort. You can reduce this risk to a sheer minimum by saving the file in multiple locations, as described above, and also include it in the daily data backup. The plus in safety by storing the file centrally is bigger than the risk of losing the encryption file. In addition, you can dispose of all existing documents where you noted passwords once your password container has been set up. You will be surprised to see how many Word or Excel documents exist where passwords have been noted. People tend to use explicit names such as “PW.doc” for these files. This is the best way to get a dressing-down from the IT security officer.

Immediately check the information to be documented

No matter where and how you save the passwords, it is important to immediately verify the information you are documenting. Always log on to the portal, console, or application for which you are documenting user names and passwords. This is the only way to be certain that you entered correct data. Nothing would be worse than documenting erroneous entries. Add this verification step for quality assurance. Again, it is worth the effort!

Then, delete the old password documents

Once you documented all passwords in the database, delete the old password files. This will significantly enhance IT security. If you are unsure, save the files to a USB memory stick and keep it in a safe place, such as a bank deposit box. If you are convinced of the Docusnap password container after some months, simply destroy the USB stick. Really destroy it, not just delete the files it contains. It might be a good idea to use a hammer for this purpose.

Documenting the passwords requires a one-time effort, but this task should be manageable. If you continue to document new passwords immediately, there will be no further effort.