While I don't disagree in theory... practically there a number of services that have one "owner account" that represents an organization and a business needs to make sure they have control of that account regardless of personnel changes. PyPi and Rubygems are examples from an old job.
Even when a service, like Twitter, does have multi-user/multi-owner identities in some business plan this might not make sense for small teams.
4 comments
[ 3.4 ms ] story [ 22.0 ms ] threadIt is helping a lot on credentials sharing on an iberian IT team.
Even when a service, like Twitter, does have multi-user/multi-owner identities in some business plan this might not make sense for small teams.
Otherwise, a bullet proof audit trail with external timestamps would be required.