leastauthority.com
leastauthority.com copied to clipboard
LeastAuthority
Rotate `info@` password.
Warning: Doing this will break some production services. Plan/execute carefully. See comments below.
@daira and I are working on monitoring deployment, and we realized we want separate google/email accounts for the monitoring processes on analytics versus rho so that each instance can have separate email/google credentials for better privilege separation.
However, the info@ password has already been exposed to analytics@, so after we've set up a new analytics@ account, we need to rotate the info@ password.
This is a (semi-) prerequisite for #270.
Warning: Rotating these credentials will break various things including new user signups. Therefore we need to be careful and coordinated on this step.
We decided not to separate the accounts yet because we ran into an authentication error trying to send mail from [email protected]. The info@ password should not be rotated (because there would be no point) until we've fixed that.
Not sure we'll keep using this address in the long run. Not even sure we're still using it now. I'll check into that and motivate the rotation if necessary.
Also, long run, maybe will move away from info@ for this because we're not monitoring mail to that address on a regular basis (don't want to lose customer correspondence).
Other options: there is a monitoring@ set up to go to a group of us.
I'd prefer we free up info@ for general use since people might use this to contact us. Let me know if you want me to set up something else set up.
