Find your content:

Search form

You are here

How do you manage passwords across SFDC orgs?


As an ISV partner I find myself juggling a bunch of username/passwords for my SFDC orgs.

I have our "real" org where we do our own CRM related stuff. I have multiple dev orgs where we create our managed packages. We have orgs we use to demo. We have the partner portal. Sometimes we have direct logins to customer production orgs and sandboxes (this is less frequent now that they can grant us login access through our apps). How do you manage all these usernames/passwords, especially with many of them wanting to be changed via password policies?

Is there 3rd party software that makes this easier or something within Salesforce itself that I'm simply unaware of?

Attribution to: Ryan Elkins

Possible Suggestion/Solution #1

I noticed in the Winter 13 release notes (page 204 of the PDF) there is a mention of "Environment Hub (pilot)". Worth keeping an eye on.

Starting in Winter ‘13, you can use the Environment Hub to view details of all your Salesforce organizations from one, central location. This can make administration much easier, especially for companies that use a large number of organizations for development and testing.

From the Environment Hub, you can:

  • Register all organizations currently used by your company
  • Automatically detect relationships between organizations
  • View details about each organization, such as its type (for example, Development, Patch, or Release) and tags
  • Assign one or more tags to any organization
  • Filter organizations by tag

Environment Hub online help

Attribution to: Daniel Ballinger

Possible Suggestion/Solution #2

We use 1Password to manage usernames/passwords of customer orgs. The only issue I have is that it requires everyone on the team to update each other when a password expires. As it solves the problem of remembering usernames and passwords - it creates an issue when you start doing team development.

Attribution to: Justin J Carlson

Possible Suggestion/Solution #3

Use a password management tool like 1Password, Lastpass, or KeePass. I believe all of them have desktop apps, browser plugins and mobile apps with database syncing in one form or another (such as DropBox).

I prefer 1Password as it's plugins make it very easy for me to use multiple logins for the same site. When I go to I hit a hotkey and it shows all my SalesForce accounts and if I begin typing it searches the account names, then I can arrow down and hit enter (or just hit enter if there's only one result) to log in.

It's the only sane way I've found to manage 50+ Salesforce accounts easily.

Attribution to: E.J. Wilburn

Possible Suggestion/Solution #4

I use superfell's excellent Trapdoor for the Mac (stores the org credentials in the Mac Keychain, so it's pretty secure). On the PC, there are any number of browser-based password managers.

In a more permanent, 'production' setting (you actually want to make an SSO link between two orgs), you could do org-to-org sign on with SAML or Authentication Providers.

Attribution to: metadaddy

Possible Suggestion/Solution #5

I use the Google Chrome plugin: Logins

Not very secure, but easy for poping between a lot of orgs very quickly!

Also easy to export and import large sets to an XML document for easy transport. login manager

Attribution to: jordan.baucke

Possible Suggestion/Solution #6

You all are way more advanced than I am. I have a very long Google Spreadsheet.

Attribution to: Nick Hamm

Possible Suggestion/Solution #7

We use a Google Spreadsheet to handle lots of orgs (development, QA, packaging, patch, etc). In addition to usernames and passwords, we also store Org Ids (useful for finding an org in the subscriber console or when pushing patch updates), tokens (useful for logging in via the API), Salesforce instance (useful for telling what org may be affected by something going on at Salesforce, i.e. upgrades, maintenance, service disruption, etc), and a formula to create a login link:

="" & trim(C4) & "&pw=" & trim(D4) where C4 is the username and D4 is the password.

Attribution to: Rob Scott

Possible Suggestion/Solution #8

Remember them. Not being facetious, allow me to elaborate. I typically have 2 roots in a password, lets call them R1 and R2. Now if I'm logging into to a production org for client1, my password will be R1client1R2 If it's their sandbox called dev it'll be R1client1R2dev

So remembering the two roots for my passwords I just need to know where I am logging in to.

This can be expanded for personal logins else where, for example my stack exchange password I might use SE with the roots to give R1SER2. With R1 and R2 being 10+ characters each, you're quickly reaching password length that is not brute forceable in any realistic time frame.

This now satisfies a number of important criteria for passwords - Use a different password for each site. - Use passwords which are easy to remember ( you have only 2 roots to remember). - Use passwords which are not easily brute forced (i.e. long).

Attribution to: David Gillen

Possible Suggestion/Solution #9

Just to let you know that I have now used the environment hub. You do need to ask for it to be implemented (as it is strong magic). Once set up, you identify one of your orgs as the hub. You link to other orgs by giving a username to that org. Finally you map logins from the hub to logins to the linked org. If you then switch on Single Sign On you can just click 'login' to be logged into the other org. It also allows you to spin up new test orgs.

Just a comment... if you are using a browser based password manager, you have to be aware that they can be extracted, easily, with commonly available tools. I'm for encrypted storage, 2-factor authentication.. it may be a faff, but better than explaining to all your clients that your (admin) passwords are all in the wild!

Attribution to: JD-cloud-genius

Possible Suggestion/Solution #10

I personally use LastPass for this and haven't really looked back.

It makes it a lot easier for me since I use a lot of machines and LastPass keeps all of them in sync.

Attribution to: Joey Chan

Possible Suggestion/Solution #11

Ive been syncing passwords with dropbox and keepass with a 2 factor authentication for a couple years now and it works like a charm. I've started using the logins plugin for chrome as well due to its one click operation and ease of use. since that plugin became the primary, I export the logins every now and then and store them in keypass should I be on another machine and need a clients password.

Attribution to: ebt

Possible Suggestion/Solution #12

Just want to add the Chrome Extension I've recently published, the Salesforce ORGanizer, which includes credentials saving, easy links, tab icon color change (ease tab recognition) and a developer console on every Salesforce tab opened....and more coming in the next releases

Attribution to: Enrico Murru

Possible Suggestion/Solution #13

I use browser bookmarks. You can append the username & password to the URL and save as a browser bookmark.

Name: Salesforce Org ABC

where username = and password = mypassword

Attribution to: Shumon Saha
This content is remixed from stackoverflow or stackexchange. Please visit

My Block Status

My Block Content