Password rotation policies #8
Comments
I have to sort of chuckle at the thought that a process to make passwords more secure involves automatically emailing it in a plaintext email... perhaps worthwhile to use pass or something similar and get everyone's public PGP keys, and then have the email just send out a note saying it was changed.
Oh how I long for that day...if everyone has GPG keys, then we'll just gpg encrypt the email and it'll be perfectly simple. Does everyone who cares have GPG Keys? Thankfully, with the advent of Jenkins+ (There are, of course, alternate routes like publishing it to a URL that's protected by OAuth and then only people on a whitelist of emails can log in, etc. Huzzah, over-engineering strikes again!)
Anyone have a problem with requiring GPG keys for this?
So is this ultimately to allow rotating of the IUC Tool Shed password? Currently I only ever use that to make a new IUC Tool Shed repository, or to delegate rights for a given Tool Shed repository to my personal account (via the web interface, is this in the API?). I prefer to then push the initial tool release and any updates to the Tool Shed using my personal account.
@peterjc rotation of the IUC password in general. It's used in a number of places (MTS, TTS, Jenkins bot, Jenkins bot SSH login, etc). I imagine I would be very unhappy were it to be compromised. I think that's what most of us use it for, logging into the web to do things that aren't yet automated via bioblend. Setting ACLs on a repo is not part of the API. It should be. galaxyproject/bioblend#130
Password rotations should happen every once in a while, eh? Good security practices and whatnot? :) (Not to be draconian about such things...if y'all really don't want to, we don't have to)
This would mean that