Security Basics mailing list archives
admin account password management
From: "Lars Weste" <lweste () gmx de>
Date: Tue, 8 Feb 2005 05:53:35 +0100 (MET)
Hi, developing a password policy i'm wondering of which rules you have to secure admin level accounts on a bunch of client hosts and other hardware like switches or disk storages. more or less i came across three solutions: 1. define classes of admin level accounts for devices and client hosts depending on their security. define a password for every class and use that password at any device in that class. 2. define classes of admin level accounts for devices and client hosts and define one or more password generation rules depending on the classes of the account and generate different passwords for each device according the rules at each class of device. 3. define for any admin account at any device and client host an independent and strong password. just only looking at the passwords, point 3, independent ones seems most secure, but also most cumbersome to the administrator. so just wondering whether someone can share some practical experiences? regards lars -- Lassen Sie Ihren Gedanken freien Lauf... z.B. per FreeSMS GMX bietet bis zu 100 FreeSMS/Monat: http://www.gmx.net/de/go/mail
Current thread:
- admin account password management Lars Weste (Feb 09)
- Re: admin account password management Alexander Klimov (Feb 10)
- <Possible follow-ups>
- RE: admin account password management Jeff Gercken (Feb 10)
- RE: admin account password management Jonathan Loh (Feb 11)
- Re: admin account password management Aaron Berg (Feb 14)
- RE: admin account password management Jonathan Loh (Feb 11)
- RE: admin account password management Reece, Terry (Feb 11)