Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: How to authentificate an user via telephon?

From: "Chris Berry" <compjma () hotmail com>
Date: Fri, 06 Dec 2002 10:38:17 -0800
From: "Gary Turovsky" <GTurovsky () tpgstaffing com>
> I also recommend PasswordSafe from www.counterpane.com its a free
> product that allows you to manage multiple passwords in a secure
> 448bit blowfish encrypted storage. (that should help your users from > forgetting their passwords all the time) 

Except when they forget the passphrase for their encrypted passwords :)
*sigh* If only that were funny instead of true. Against that possibly I recommend having them write down their password and placing it in a sealed envelope inside a safe, with their signature across the seal covered by tape. It might be possible to get that information without disturbing the container, but it would be very difficult and out of the range of ability of anyone but government organizations like the CIA. I still believe its a good solution because they only have to remember the passphrase to their encrypted storage, and all other passwords can be recovered from there. (including their logon password, the admin can log in to allow them access to the safe.) 

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Live dangerously, overclock your servers."

_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Previous By Date Next
Previous By Thread Next

Current thread: