Shared Password Management Policy
Summary
Transferred from GitHub issue 28: https://github.com/thegooddocsproject/governance/issues/28
Create a policy for The Good Docs Project governing our methods for managing passwords for the various tools the project uses.
Draft policy Google doc: https://docs.google.com/document/d/1iYrYCZLziHNv2DdBd-2zOmXvD2BwOlPasl9LD5u8POA/edit?usp=sharing
Draft list of tools and accounts Google sheet: https://docs.google.com/spreadsheets/d/1kqDQIu5ytmdVWa6VQ0YFWqKsd4rfHDwYJBhSmpL4MkM/edit?usp=sharing
Scoring
Impact
This will largely benefit our internal community by ensuring we have clear processes for sharing and managing passwords + keeping them secure by following security best practices.
Reach
This feels like it's just a basic IT competency that our organization should have.
Community/Goodwill
It will make it easier for our community members to request access to passwords for services they have a legitimate need to access. And it will ensure we have a central, secure location for storing these passwords.
Confidence
80%
Score
For each value (A, B, C, D, E) below, enter a number from the following sequence: 1, 2, 3, 5, 8, 13.
- Impact: A = 5
- Reach: B = 5
- Community/Goodwill: C = 5
- Confidence: D = 80%
Score: 40
Effort
How many 'person hours' of effort do you estimate required to make this change?
Effort: E = 5