How to Safely Share Customer Credentials with Velixo Support

In the digital age, safeguarding customer credentials is paramount. At Velixo, we prioritize the security and privacy of our customers. When sharing sensitive information, such as passwords, with our support department, it is crucial to use secure methods. This guide outlines the steps to safely share customer credentials, particularly focusing on using onetimesecret.com for password sharing, and our internal practices for handling these credentials securely.

Why onetimesecret.com?

Onetimesecret.com is a secure platform that allows you to share sensitive information, like passwords, without the risk of exposing them in clear text. It creates a one-time link that can only be accessed once, ensuring the information cannot be retrieved if the link is intercepted after its initial use.

Steps to Share Credentials Safely

1. Prepare the Credentials:
   • Ensure you have the customer's username, instance URL, and password ready. Remember, only the password will be shared via onetimesecret.com.
     
2. Access Onetimesecret.com:
   • Go to onetimesecret.com.
3. Create a Secret:
   • Enter the customer's password in the designated text box.
   • Avoid using a passphrase for additional security.
   • Click on “Create a secret link”.
4. Share the Secret Link:
   • Once the secret link is generated, copy it.
   • Send this link to Velixo’s support department via your preferred secure communication channel.
     
5. Support Department's Secure Handling:
   • Upon receiving the onetimesecret link, the Velixo support team will securely access the password.
   • The password is then stored in a secure customer vault within 1Password, which has restricted access, ensuring only authorized personnel can view it.
6. Share Other Credentials Separately:
   • Email the username and customer instance URL to the support team separately from the onetimesecret link.
   • This ensures that if the onetimesecret link is compromised, it exposes only the password, with no indication of the associated account or URL.
7. Confirmation:

   • Await confirmation from the support team that they have accessed the information.

   • Onetimesecret will automatically delete the information after the first access, enhancing security.

Best Practices

• Timely Sharing: Share the onetimesecret link as close as possible to the time the support team needs it.
• Separate Communications: Never include the password link with other credential information in the same communication.
• Verify Recipient: Confirm the identity of the support team member before sharing sensitive information.
• Follow-up: Regularly update passwords and audit access following support interactions.

Conclusion

By following these steps, you can ensure that customer credentials are shared securely and responsibly with Velixo’s support team. Always prioritize security and privacy to maintain trust and safeguard sensitive information. Our internal practices, including the use of 1Password for storing passwords in a secure vault, further reinforce our commitment to data security.