Managing passwords to your domain name account and website involves more than just long passwords and a password manager, especially in organizations. How do you ensure a smooth turnover? How do you balance ease of access with security?
Too often a site you build for one person, other than yourself, or for an organization, is open to mis-management when relationships sour, or key holders are unavailable.
You have a duty to clients to educate them about accounts secured with passwords: who should own them, and what is in their best interest. Steps hastily taken establishing a domain name and host for a demo site deserve to be redone to prepare for your exit. Costly recovery of passwords makes you liable. And what seems friendly, such as an organization of volunteers, can become explosive.
Start by separating goals from procedures. “No one person can lock out another authorized user” is a goal understandable by all customers. The solution may be complex if it is to accomodate other goals such as “Accounts must be secured from un-authorized access”. Determine whether these goals will become policy. But leave the complexity to a separate page.
Balancing ease of access with security requires ranking accounts into
- what they control: public access vs private communication
- how often their contents are changed: from less than once a year, to daily
- how many need just read access vs write access
How would you rank the domain name account? The hosting account? The email server account?
If one account controls all, it will be very hard to find a solution that meets just the two goals above. So how should control functions be separated?
I am working on a longer article containing practical solutions to these goals. I am eager to see your comments and directions to resources on the web.