Before diving deep, the only people that should hold the keys to your church accounts should be a core team. That core team should probably be less than 5 people that are trusted and should probably have signed some type of employee handbook or contract about portraying the church’s image online.
How is your church or your church’s communication team sharing passwords right now? Are you sharing one password across the board? Sorry guys, having “John3:16” as your password isn’t as secure as you think.
On my church’s web team, we share one LastPass account. We share the LastPass account across five users that are exclusively on our web team.
LastPass is a great, free tool for generating secure passwords and storing them. All of these passwords are then encrypted and saved in the “LastPass Vault”. They’re encrypted in such a way that not even the LastPass team can get to them, only you can. This is all stored behind one account with one master password.
How to Set It Up
Choose a core group of people
Who will need these passwords, who only needs some passwords. Choose a small core group of people to give access to the LastPass account.
Choose an email account and master password
More than likely your team probably has an email address like [email protected] or [email protected]. Choose that email address as the main account. Why? It’s probably more accessible to that core group of people, if it isn’t, maybe it should be. Then you have to set a master password. This is the password to rule all passwords so choose carefully. You want it to be complicated. I might recommend something like Habakkuk1:5isagreatVERSE! or something like that.
Set it up
Setting up LastPass on your computer is super easy. LastPass works on Windows, Mac, iPhone, Android, and probably more. I use LastPass as an extension on Google Chrome and I also use it on my iPhone for our church’s Instagram account (because Instagram still hasn’t allowed multiple accounts…one day, y’all).
I’ve also integrated using LastPass personally and have loved it so far. To log into website, you can literally click inside the Username field and have LastPass fill in the credentials for you. This makes our workflow seamless and easy. No more asking if we have an account. No more guessing passwords. It just works.
How do you share passwords at your church?
Do you have a method that works better than this?
Disclaimer: No one was paid to review LastPass. I only wanted to share a way that works for my team. I also know that LastPass Premium exists, but for the time being this works for our team. We’re reviewing adding a budget line for premium next year, which would extend usability and security by letting each user have their own account and still access enterprise passwords.
[Image via LastPass Helpdesk]
Casey Dierking says
This is great stuff. Lastpass is awesome.
Katie Allred says
Glad you liked it! I love Lastpass!
Chris Wilson says
Great tip Katie, Have you checked out 1Password as well? Very similar but it isn’t cloud based. It doesn’t have as good an Android app but instead of paying a subscription fee to sync devices, you just pay for the program. You can still send your team password details and sync over wifi or Dropbox.
I suspect LastPass is probably a better solution for a church team though due to it’s cloud based nature but I believe they were affected by Heartbleed where as 1Password wasn’t because it doesn’t sync in the same way. Anyway great article.
Katie Allred says
I don’t know of many services that weren’t affected because of Heartbleed, but luckily, we don’t save a lot of confidential information under many of our church accounts. My boss has already changed the passwords to many of those accounts via Lastpass.
1password might work, but we’ve found that Lastpass’ cloud functionality best fits our nomadic team.
Eric Dye says
This is really pro. I dig it.
Katie Allred says
Glad you do! Also I’m back!
Eric Dye says
Sweet! 😀
Adam Dye says
Eric, you stole my last name.
Eric Dye says
I have also stolen the first name of Eric. 🙂