Overview
1Password is our secure vault for credentials and other sensitive information.
1Password is the industry leader in password storage. It has a great suite of apps and browser plugins that make it easy to generate and use strong credentials.
1Password is especially helpful for storing sensitive development information such as server access details and API keys, and business information such as financial documentation.
📏 Rules for 1Password
✅ Do…
- Keep all credentials in 1Password. Do not store Cantilever credentials in any other service or in browser storage.
- Manage 2FA tokens in 1pass.
- Keep all financial information related to Cantilever in 1pass.
- Keep API keys and other sensitive dev information in 1pass. Use their .env feature to manage these.
- Install the 1Password apps instead of using the browser version. In particular, install the browser extension.
- Use a strong master password.
- Print out your emergency kit when you first set up your account.
🚫 Don’t…
- Share 1Password credentials with anyone outside of the company.
- Put personal credentials in Cantilever vaults.
Naming Conventions
Vaults
Vaults should be prefixed with “Client: ” or “Contributor: ” if those prefixes apply. Follow the existing naming conventions.
Account Credentials
Use this format to title credentials:
[Account Owner] Account Description
In other words: "[Who] What"
Or... "[Owner] Thing"
Or... "[Person or Company logging in] Thing they are logging in to"
So, if Cantilever is the 'account owner' of a password for a particular client, the naming might go as follows:
[Cantilever] eBeam Imgix
The specific person is not important unless there are multiple accounts associated with a given service, in which case it would be:
[Andrew] eBeam Imgix
or
[Sherbert] eBeam Imgix
For any given password, the default owners are generally Cantilever or the client. Using eBeam as an example, other naming conventions might look like:
[eBeam] Wordfence
This is an account and service that the client uses, but that we have access to.