Re: Re: third-party password managers in the enterprise

[bucklerk () dsainc com]

The problem with password managers is that some of them use weak encryption.
Make sure you take the time to investigate any password manager software you consider implementing.  Find out how 
strong the encryption is, if there are any known vulnerabilities, etc.  Also make sure to review the password manager's 
privacy policy to make sure it isn't phoning home with information about your machine.
It's important that users in your organization do not use password managers to save administrator or privileged user 
passwords.
If their box would become compromised, an attacker could use the password manager to obtain administrator access on 
other machines.

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------