Ask HN: Any self hosted solution to manage passwords in a team?

11 points by codegeek ↗ HN
I know this has been asked before and currently there are options such as LastPass etc. But what else is out there ? Is there a self hosted option ?

17 comments

[ 21.2 ms ] story [ 1336 ms ] thread
A good LDAP infrastructure ?
Can you expand on this?
That's only going to help you minimise per-user passwords on internal/ish systems you control.

LDAP alone doesn't let you eg securely provide people access to the password for the domain registrar.

KeePass on a shared server or even a Dropbox folder works fine, as long as you're aware of the slightly higher risk of putting your database on the internet.
Check out: https://www.passwordstore.org/

It's git friendly and supports having separate GPG keys for different credentials.

But wouldn't this require everyone who needs access to the $foo password, to have access to the private gpg key that created the $foo password in the store?

Without the ability to allow one of many private keys to decrypt a stored password I'm not sure it's that practical.

You can encrypt the passphrases with keys for multiple recipients. Each would be individually authorized to the ones their keys can decrypt.
What option does that? All I've seen is about changing the key used.
> What option does that? All I've seen is about changing the key used.

It's the first option on the man page[1]: Multiple gpg-ids may be specified, in order to encrypt each password with multiple ids.

[1]: https://git.zx2c4.com/password-store/about/

take a look at passopolis[0], a fork of Mitro[1] - which got acquihired by Twitter and later stopped supporting the project.

You can either use the free hosted service by passopolis, or host your own.

disclaimer: not affiliated with either of those, but was a happy Mitro user and then switched to Passopolis (and am still very happy to use and know the project lives on).

[0] https://passopolis.com / https://github.com/WeAreWizards/passopolis-server

[1] https://www.mitro.co/ (certificate expired)

I am obviously biased for following(founder) and password mgmt is just one part of it, but do check out Device42 for a low cost password vault: http://www.device42.com/features/enterprise-password-managem...

There is no limit on # of passwords or # of users with the base license and has full Rest API support.

How much is the base license? The pricing page has the lowest price at 1499 USD. The copyright of 2010 in the footer doesn't give me much confidence.
Take a look at ours, it's self hosted and for teams: http://teampasswordmanager.com

(I'm the founder, happy to answer any questions you have)

Some feedback: consider adding a "Pricing" link to the menu, this is one of the first pages I look at when evaluating SaaS products. I know the price is visible after clicking at "Buy now" button, but "Pricing" link may be more informative for customers that haven't decided yet.