Re: Password management System

["Samantha Fetter" <Samantha.Fetter () truevalue com>]

FYI - Novell Access Manager is different than "Novell Identity and
Access Management solutions". 

Novell Access Manager (the links provided) is for fronting Web
applications only (reverse proxy), and doesn't do any password
management - it leverages eDirectory, Active Directory, etc as an
authentication source.  It can also do Federation to outside sides.  It
does also have an SSLVPN that allows granular access to internal
resources.
Novell SecureLogin is for SSO-enabling basically any sort of
application, including web, thin and thick-clients -
http://www.novell.com/products/securelogin/
Novell Identity Manager - Provisioning, Password Management, etc -
http://www.novell.com/products/identitymanager/

Cheers,
Samantha

> > > John Morrison <john.morrison101 () googlemail com> 3/24/2010 11:34 AM
Depends on what scale you want to do this.

For enterprise scale Novell Access Manager can be used and runs on
Linux.
        http://www.novell.com/products/accessmanager/integrate.html 
        http://www.novell.com/products/accessmanager/techspecs.html 

Enterprise Single Sign-On
Novell Identity and Access Management solutions allow users to access
a variety of network resources through a single sign-on process. Once
users log in to any computer on the network, they are automatically
authenticated to the single sign on-enabled applications, databases
and operating system platforms they need—with just one login. These
single sign-on capabilities are also flexible enough to require more
than one type of authentication—such as fingerprints, tokens, smart
cards, strong passwords or any combination of these—to ensure
roles-based access to sensitive information. With enterprise single
sign-on, organizations can eliminate most password-related calls to
the helpdesk and allow IT administrators to focus on value-added
projects.

Password Management
Everyone recognizes the need for strong passwords, but without
enforcement, even the strongest password policy does nothing to
strengthen security. And yet, enforcement is difficult because
applications and systems interact with users in different ways, and
some don’t even have the capability to specify password
requirements.
Our automated approach to identity and access management allows
organizations to set and enforce strong password policies. Novell
Password Management stands between a user and her authorized
applications. When a new user is created, or when his credentials
change, Password Management validates the password against your
company policy, and then synchronizes the password to all other
systems. And easy self-service features increase user and IT staff
productivity because users can manage their own credentials rather
than calling the helpdesk to reset passwords.

On a more personal scale CyberCiti has some options.
       
http://www.cyberciti.biz/tips/personal-password-manager-linux-windows-os-x.html





On 22 March 2010 21:15, Gichuki John Chuksjonia <chuksjonia () gmail com>
wrote:
> Hi guys.
>
> Please help on this, been researching but is still wonna hear you
ideas.
> Am looking for a secure Password Management System that can work on
> Unix or Even Linux systems. I wonder if there is any system as above
> that has several levels of Security. E.g a system password has a
> higher level, firewall passwords to be more higher, and maybe webapp
> passwords more lower level etc. Also has info on who to log into
each
> level and if someone tried to bypass to jump to another profile.
>
> Any ideas?
>
> Regards,
>
> ./Chuks
>
>
> --
> --
> Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
> I.T Security Analyst and Penetration Tester
> infosigmer () inbox com 
>
> {FORUM}http://lists.my.co.ke/pipermail/security/
> http://nspkenya.blogspot.com/ 
> http://chuksjonia.blogspot.com/ 
------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs
an SSL certificate.  We look at how SSL works, how it benefits your
company and how your customers can tell if a site is secure. You will
find out how to test, purchase, install and use a thawte Digital
Certificate on your Apache web server. Throughout, best practices for
set-up are highlighted to help you ensure efficient ongoing management
of your encryption keys and digital certificates.
>
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1

>
------------------------------------------------------------------------
>

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an
SSL certificate.  We look at how SSL works, how it benefits your company
and how your customers can tell if a site is secure. You will find out
how to test, purchase, install and use a thawte Digital Certificate on
your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1

------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------