Loading Profile...
Are company passwords safe to store in a private wiki for my small business?
I would love to have a private place where my partner and I can store all of our shared passwords to banks and various websites and such. I know having it private would be fine but can't people see what's on the page if it's not encrypted? Would the platinum level (all https:) be the only secure way to do this? Would storing it in an embedded spreadsheet be any safer?
1
person has this question
I have this question, too!
Tell me when someone answers.
The more people who ask this question, the more it gets noticed.
The more people who ask this question, the more it gets noticed.
The best answer from the company
-
I would definitely recommend getting end-to-end SSL support if you're going to be storing highly confidential information like passwords on your wiki. While it's true that your private wiki is secure against outsiders browsing your information, if you connect to your wiki over an open wireless connection (as is pretty common), you would be broadcasting the information on your wiki (but actually not your wiki login itself, since that's on SSL) in the clear to anybody with the technical capacity to listen. While this kind of information hijacking is rare, the best way to ensure strong protection of the data is to use our platinum or business plans.
The company and 1 other person say
this answers the question
Create a customer community for your own organization
Plans starting at $19/month
-
Inappropriate?I would definitely recommend getting end-to-end SSL support if you're going to be storing highly confidential information like passwords on your wiki. While it's true that your private wiki is secure against outsiders browsing your information, if you connect to your wiki over an open wireless connection (as is pretty common), you would be broadcasting the information on your wiki (but actually not your wiki login itself, since that's on SSL) in the clear to anybody with the technical capacity to listen. While this kind of information hijacking is rare, the best way to ensure strong protection of the data is to use our platinum or business plans.
The company and 1 other person say
this answers the question
-
Inappropriate?Thanks David, that explains a lot.
But since my little company can't afford $1000/year for that solution I am wondering if another solution might work. I know this probably isn't your forte, but I am just trying to find a safe and cost effective solution for my company to manage passwords between two users in different cities.
We do use public/open wireless connections at times so, would an information hijacker be able to see what is in an excel spreadsheet that is attached to a page if we downloaded/uploaded it over a open connection?
If anyone else has any unofficial ways to stay safe, I'd love to hear them.
Thanks! -
Inappropriate?A free password management solution that you might want to take a look at is KeePass http://keepass.info/, http://en.wikipedia.org/wiki/KeePass - I used this at my previous job and it worked great.
You should be able to share your KeePass file via your wiki, as an email attachment, or maybe even via IM. Good luck!
1 person says
this answers the question
-
Inappropriate?Thanks Joel, Good idea.
Unfortunately the other user is on a mac and I'm on a pc, so that wouldn't work.
Do you know if a hijacker can see what's inside an excel file that's attached to a page or just the information on that page? -
Inappropriate?Actually, there is a version of KeePass that does work for Macs - I found some wikipedia info on it, but haven't used it myself, so you'd have to investigate if that's the right option for you. Also search for "password managers" on Wikipedia - there were some other options listed there.
Here's the link for KeePassX: http://en.wikipedia.org/wiki/KeePassX
Good luck!
P.S. In PBwiki 2.0 there will be page-level security available, which can make your data secure from other users of your wiki - keeping things on a need-to-know basis, as it were :)
http://blog.pbwiki.com/2008/01/08/pbw... -
Inappropriate?Casey is absolutely correct. I actually used KeePassX while my other co-workers used the Windows version.
EMPLOYEE
