I assume many of the team out there are like us with team Facebook, Twitter, Wordpress, Instagram, Google,… accounts you have passwords that the few know and sometimes don’t always use but when you need to the processes usually involves the “Forgot my password” button. How do you save these username and passwords. Our team has the second problem that over the cource of several years the main coaches seem to phase out as their kids move on to collage.
Our team even has two youtube accounts because no one know who created the first one and what email was used. Can’t delete it can’t use it.
We maintain a google sheet with all login info for social media and store that in a shared google folder. Works well and has saved our butts on multiple occasions.
I think it’s also important to make sure any public-facing social accounts are made using a team(non-personal) email address. That way as people graduate/cycle through the program, access to these accounts is not lost.
Yep, we have a zombie Gmail address. A student entered it by mistake as our contact for Instagram and we almost got locked out. We contacted some old members to see if they knew who might have access to that account. Luckily someone was still logged in to a device and could fix the contact address.
When possible, handling accounts through a team email gives a focus point if key members leave. Just make sure that log-in doesn’t get lost or unrecoverable.
There are sometimes it seems not exactly clear how to set up a non-person account. I think on Facebook (our biggest social media) it still has a single admin that is through a personal account that is managing our Page. If someone is familiar with the steps to create a non-person Facebook account to administer a page, please post. I realize today that our Github doesn’t have an account, but rather individuals with an organization. So I need to fix that sometime.
My preference would be to have an organization with two admins (one linked to the lead person and another to the team Gmail). Then any students should be added at just below admin level. The best practice would probably be to have separate passwords for each site for the team account with only the mentor for that site plus the two head mentors having it (and keeping the list somewhere that it would be found in transition).
In practice, some of our passwords are pretty weak and way more students than probably need to know have access to accounts, it’s not a great combo, but I will say that setting up a number of team accounts, it is a pain to have each student interested to set an individual account to gain access for something they might only use a few times with the team, so you give them the team account to login. Then you might run into problems if you’ve been reusing passwords across your team accounts because it helps avoid a bunch of passwords nobody remembers.
I had a thought, which would be to make two team accounts but with different privileges. Then you could give out the lower privileged account with less concern.
KING TeC is a massive team, with and FRC team, 9 FTC teams, and a ton of FLL and Jr. FLL teams, so we have a lot of passwords to manage. Because of this, we have had great success with LastPass. It works well on a large scale and allows for seamless and secure access to all devices used by the team. It is also completely disconnected from any particular individual, which is important for any constantly moving team like a high school robotics team.
I know with Facebook you can have multiple administrators for a Facebook page but then also have editors for it. I don’t believe you can make a page not linked to a personal account but you can add multiple admisntrators and multiple editors. The editor is able to make posts but it able to change account settings.
To start with, we set up everything with our team e-mail address. And that address is set up fully hosted on our team website AND auto-forwards everything to several mentors plus the current year’s team captains. So, if we need to reset a password for something, the e-mail to do so is received by half a dozen people that are each at 95%+ of the team meetings.
We also have a team gmail account. It’s not really used for mail (although it is an archive for anything sent to one of the team e-mail addresses), it’s real use is Google Drive. That drive is basically the history and current operating state of the team. Everything is sorted into one of three folders, and those folders are shared out. One is for mentors only, and all mentors have read/write access. Another for captains+mentors, and the last is for everyone on the team (although this last one is read-only for team members, with write-access granted on an as-needed basis for specific files or sub-folders). This helps to ensure that the broadest number of people have access to all the info the team has. This includes the password archive. That way if I’m hit by a bus tomorrow, the team can still function without me.
LastPass. It allows us to share passwords privately, so students can log in but not see the password. When a student leaves, we just revoke their access.
Our head coach has a binder with critical information he keeps in a locked cabinet in his office. All such credentials are written on a page in there. If all else fails (policy changes, buyouts, mergers, DDoS attacks) that always works.