# Best Practices Mandate

This document lists the security practices that the Intrusive Thoughts
Creative Collective requires its members strictly adhere to in order
to protect ourselves as an organization from external threats.

This document is maintained by the Infrastructure Committee. Any
change to this document should be announced to the collective body.

## Infrastructure Login Credentials & Authentication Information.

The login credentials and other operating information (security
questions, recovery passphrases, etc) for
[core infrastructure](core_infrastructure.md), social media accounts,
and other systems associated with the Collective should be stored in
the Collective password manager vault tracked in the
[infrastructure](intrusive/infrastructure) repository.

Such information should not be stored or recorded in any form or place
other than the Collective password manager vault.