I can see that. Any recommendations you might have to get them into BW safely are welcome.
BKP On Sun, Jul 6, 2025 at 5:02 PM sebb <seb...@gmail.com> wrote: > > On Sun, 6 Jul 2025 at 17:49, Brian Proffitt <b...@apache.org> wrote: > > > > M&P is set up with an ASF BitWarden account, Chris L has set it up for > > us. Please send the credentials to us and we will store them in > > Bitwarden, as per the M&P social media attic process. > > My concern is not about Bitwarden; I am sure that is secure once the > credentials are stored there. > > However I think that the proposed method for transferring the > credentials is not very secure. > > > BKP > > > > > > Brian Proffitt > > VP, Marketing & Publicity > > VP, Conferences > > > > On Fri, Jul 4, 2025 at 7:47 AM sebb <seb...@gmail.com> wrote: > > > > > > On Thu, 3 Jul 2025 at 19:07, Niall Pemberton <niall.pember...@gmail.com> > > > wrote: > > > > > > > > @Sebb, as you have access to the credentials, can you share them? > > > > > > > > It costs to have a Bitwarden account, so maybe NordPass is a better > > > > option > > > > for password sharing. > > > > > > It's possible to set up a free personal Bitwarden account: > > > > > > https://bitwarden.com/pricing/ > > > > > > I have one that I set up as a test a while ago. > > > > > > I have experimented with Send, and basically it creates a link that > > > allow one to access the content of the send in a browser. > > > There does not seem to be any protection against access by 3rd > > > parties; anyone who has access to the URL can see the content. > > > AFAICT the only advantage over a plain email is that the content > > > automatically disappears after a short while (default 1 week), whereas > > > emails would have to be manually deleted. by both sender an recipient. > > > > > > I'm not convinced it's an appropriate way to share sensitive data, > > > unless one shares the link via a secure channel (in which case is > > > there a need for the Send protection in the first place?). > > > > > > Or maybe I am missing something, and there is a way for Bitwarden to > > > send data directly between its users? > > > > > > GMail offers a more sophisticated confidential email: the content is > > > again shared via a link, but the link can only be opened by the person > > > with access to the email address. > > > If the recipient does not use GMail, they will be sent a one-time code > > > before they can see the message. > > > > > > This seems at least as good as the Bitwarden method, and many more > > > people have GMail accounts. > > > > > > Sebb > > > > > > > > > > Niall > > > > > > > > On Thu, 3 Jul 2025 at 17:45, Melissa Logan <meli...@constantia.io> > > > > wrote: > > > > > > > > > Hi Niall, we needed to fine-tune the workflow before responding. Here > > > > > are > > > > > instructions: > > > > > > > > > > > > > > > 1. > > > > > > > > > > Share account passwords via Bitwarden’s “Send” feature and share > > > > > the > > > > > link to: melissalo...@apache.org, b...@apache.org, wt...@apache.org > > > > > 1. > > > > > > > > > > Note: If you do not have a Bitwarden account set up, you will > > > > > need > > > > > to create one in order to send – or use another secure password > > > > > manager to > > > > > send us the link. > > > > > 2. > > > > > > > > > > M&P will create a free email account for your project, e.g. > > > > > projectn...@gmail.com. > Note, this has been completed for jclouds. > > > > > 3. > > > > > > > > > > M&P will log in to each social media account and change the email > > > > > to > > > > > the new free email account. > > > > > 4. > > > > > > > > > > M&P will verify the account with the new email, change, the > > > > > password, > > > > > and save details in Bitwarden. > > > > > > > > > > > > > > > Any questions, just let us know. > > > > > > > > > > On Mon, Jun 30, 2025 at 4:33 AM Brian Proffitt <br...@proffitt.org> > > > > > wrote: > > > > > > > > > >> We saw it, and have started the process to create a new placeholder > > > > >> account so we can transfer "ownership" of the X account to that. > > > > >> Someone from M&P will be reaching out to you/them to get the keys to > > > > >> the X account to make the transfer. > > > > >> > > > > >> BKP > > > > >> > > > > >> On Mon, Jun 30, 2025 at 5:57 AM Niall Pemberton > > > > >> <niall.pember...@gmail.com> wrote: > > > > >> > > > > > >> > Hi M&P, > > > > >> > > > > > >> > Adding mark...@apache.org as theres been no response from > > > > >> pr...@apache.org > > > > >> > > > > > >> > Niall > > > > >> > > > > > >> > On Thu, 26 Jun 2025 at 17:30, Niall Pemberton < > > > > >> niall.pember...@gmail.com> wrote: > > > > >> >> > > > > >> >> Hi M&P, > > > > >> >> > > > > >> >> The jclouds project is in the process of moving to the Attic (see > > > > >> ATTIC-244[1] ) and at they have an x.com account > > > > >> (https://x.com/jclouds) > > > > >> which has been updated as per the new Attic process for social > > > > >> media[2]. > > > > >> >> > > > > >> >> The next step in that process is to discuss with you "the best > > > > >> >> way to > > > > >> share social media credentials for safekeeping". So how would you > > > > >> like to > > > > >> proceed with this? > > > > >> >> > > > > >> >> One other thing to consider, that account is linked to > > > > >> priv...@jclouds.apache.org which at some point will be closed down as > > > > >> part of the Attic process. So it would be a good idea, once you have > > > > >> the > > > > >> credentials, to change that to something M&P control. > > > > >> >> > > > > >> >> Regards > > > > >> >> > > > > >> >> Niall > > > > >> >> > > > > >> >> [1] https://issues.apache.org/jira/browse/ATTIC-244 > > > > >> >> [2] > > > > >> https://attic.apache.org/process-howto.html#5-update-social-media-if-any > > > > >> > > > > >> --------------------------------------------------------------------- > > > > >> To unsubscribe, e-mail: markpub-unsubscr...@apache.org > > > > >> For additional commands, e-mail: markpub-h...@apache.org > > > > >> > > > > >> > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: markpub-unsubscr...@apache.org > > > For additional commands, e-mail: markpub-h...@apache.org > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: markpub-unsubscr...@apache.org > > For additional commands, e-mail: markpub-h...@apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: markpub-unsubscr...@apache.org > For additional commands, e-mail: markpub-h...@apache.org >
