

share passwords with people who need access (and often not even expose the actual password just access to it so you don't have to change everything in the event of turnover). isn't the team at a disadvantage? Another cliche warning: I need to care about forests, not trees.Īt least with LastPass (or whatever other system you can think of that's similar) you can setup "pretty good" team-based policies.

but if someone in legal still has access to the "Passowrd123" for the AWS account. you can have all the security you want on your servers. isn't security at the organization level really crappy? Here's a real world example. and only a few people actually having good passwords. With every person storing passwords their own way. Most teams (you'll agree?) have horrible aggregate password management. aren't you letting perfect be the enemy of good? =P
