currently we are discussing the whole credential Topic in my company.
Wenn ich es bisher richtig verstanden habe, gibt es zur Zeit zwei verschiedene Wege:
Take the Windows Credential Manager: Since we are working on virtual machines, each password must be entered and maintained in several places. For example, SAP passwords expire every 90 days, which means a high manual effort afterwards.
You use the Orchestrator assets: The advantage here is definitely that the passwords can be managed in one place, you only have to change them centrally. But what if multiple people and colleagues from different regions around the world have access to the Orchestrator? If you assume that you store your SAP password from the HR system in Orchestrator, every colleague would have access to this password and could use it in his process.
The last point in particular currently presents us with the challenge that we are not sure whether we should continue to use Orchestrator for passwords. It is not possible to monitor enough at this point to ensure that colleagues do not misuse SAP passwords, for example.
Maybe you can share your experiences and approaches with me.