Ask HN: How do startups/small businesses manage passwords and credentials

2 points by shash7 ↗ HN
I wanted to know how small to medium size businesses manage credentials for different services. For example, a business may have a facebook page. Who has the password and auth details for that. Also, for hosting and domain information who has all the credentials.

3 comments

[ 3.2 ms ] story [ 20.2 ms ] thread
http://www.bitium.com - can't speak highly enough about them. $200 / month, unlimited web apps, passwords, users, integration with any SSO or SAML system as "authenticaltion system of record" and an unlimited number of others...plus MFA via several options (authy and google authentication), strict password requirements capabilities though use a reasonable default. Ability to change all to random values that no one who uses them can see if you choose, multiple domain support...the ability to request access to your clients passwords and let THEM manage when it's revoked really ups both our tech and marketing teams
Looks good but is there any way to manage credentials from a small startup's perspective who can't afford to get paid services like bitium?
That is the policy for my previous company:

1. Avoid sharing password between people. For example, in using Amazon Web Service, it should use IAM and every admin login with their own account.

2. Master password (e.g the owner of AWS) and credentails should be kept in a same place. The information are encrypted by a software called KeepassX and won't share on the Internet. Ofcoz, backup is still needed.