How reliable is saving credentials on Syncro for clients. I am saving all credentials for clients such as encrypt keys for backups and login details in documentation section.
Will there be a scenario of data loss and/or being compromised. In terms of security I have created a hash to encrypt credentials as per Syncro documentation.
Personally I would store it somewhere else (or at least not have Syncro as the only copy) because Syncro has no way to export that data. As a general rules important data should never be only in one location (3-2-1 backup rule for example). If you can’t export it then backup/offline access is impossible. And I’m a little wary of security issues as even companies where storing sensitive data is their primary business have made horrible mistakes (LastPass).
Pretty sure there are cracking tools to easily dispatch any excel security, so no I wouldn’t trust that. Keeper is probably the most popular solution in the MSP space. Bitwarden is another, which has the benefit (depending on your opinion) of being open source and having the option to be self-hosted if you’d like to have it more locked down than a typical cloud solution. I believe both have capabilities for sharing select items with clients.
But there is no ability for clients to login and obtain their passwords.
Though you could install PasswordState for them, and then charge them a fee to manage it for them.
We are looking at offering that to our clients.
“Additionally, the password field is salted and encrypted. The salt is per row. The password is only decrypted and sent to the client at the time that the field is clicked to be shown.”
They are apparently not as secure as the vault or Syncro would require you to type a password each time to decrypt them.