|
|
|
|
|
|
by michaelt
1363 days ago
|
|
|
Start by not having a password manager that is universally adopted across the corporation. Then maybe you've got a planned change that requires a manual operation on the production database, and you don't have the password already because it's rotated daily. Maybe you need the agent license key for the monitoring system, so you can add it to the secrets file for the new host you're setting up. Maybe someone created a new service and, and asked you to generate a new oauth2 client secret for it, and you need to send it to them. Maybe it's corporate policy that every laptop must have an encrypted disk, and you've mailed a new remote worker a laptop and now need to send them the disk password by a different channel. Maybe you occasionally need to work with some decrepit system that doesn't support single-sign-on - like a server's IPMI or some obscure bit of network equipment. Of course there are better options than slack (which doesn't even have an off-the-record mode) but if slack is what everyone uses? Well.... |
|
|