Reputation: 8815
More secure password communication
Our vendor needs some access to our test server, and thus we send them email with username/password (i think it's unencrypted). What is the most unintrusive way to bump up the security level?
Thanks
Upvotes: 2
Views: 729
Answers (4)
Reputation: 391854
Send the two parts with separate communication channels.
Use a combination of any two of the following.
Voice phone call.
Fax.
Snail Mail.
Encrypted Email.
Separate channels makes it very hard to reconstruct the credentials.
Upvotes: 2
Reputation: 284796
Call them, especially if you already know their voice. A more traditional solution (that requires some setup) is GPG.
Upvotes: 1
Reputation: 115
Depending a the level of security you're going for. It's usually inversely proportional to convenience. So here are some in order of least secure.
- Zip file with password protection (winzip)
- If you're both using Windows send them the information in locknote.exe. It's very easy and the security in the code is very tight. ( http://www.steganos.com/us/products/for-free/locknote/overview/ )
- Get their public key and have them SCP to your server to pick up the password file.
- Setup encrypted email and either send them your key or setup your public key on a public key server.
These are just some thoughts off the top of my head.
Upvotes: 2
Related Questions
- Secure way to send "reset password" link
- How to secure password in code c# email client
- Secure email without prompting for password
- Secure Email in C#
- A secure method for changing an EMail
- Sending secure temporary password
- Email-only as authentication
- does it make sense to send password information during email communication from websites
- posterous style email verification
- Are there any options for secure email?