"I need the login credentials for the CMS service"

*sends the email confirmation email*

"No, I can't confirm your email for you. In plain English: send me the email and password to login."


Literally what the fuck is wrong with these people.

I swear we're all fucking doomed.

  • 9
    I guess the full stack part of your name doesn't include the security part
  • 1
    Fort anyone wondering how to share creds securely, you can use a secret store (hashicorp vault) or group password manager (one password might do this).

    A more free way is to have everyone generate pgp keys and put the public key on their email signatures and slack profiles. Encrypt data with the receivers public key before emailing it.
  • 0
    @lungdart Even better: Have single sign on and a everyone have an own account. Group shared accounts means the password must be change whenever someone leaves the company, including contractors requiring this password temporarily.
  • 1
    @lungdart Love those 8 upvotes for all the bigbrains here who will go turn around 5 minutes later and complain about overengineering. dude this is a blog for someone, we don't all work in corporate mega companies. I'm not setting up a secrets service (of which I DO know about many) for someone's blog CMS. It's just Contentful, sharing a password / email is fine.
  • 1
    @fullstackchris should have used a sarcastic mark on the first comment so you knew it was more of a joke.
Add Comment