What is the best way to store passwords for an organization? Heartbleed has me wondering if our passwords are vulnerable. There are a number of passwords that we share between multiple users who need to be able to access various servers and systems. In many cases, these users are in different offices or work remotely. What procedures should we enforce to make sure that storage of passwords is as secure as it can be?