Educause Security Discussion mailing list archives

Re: Please do not change your password


From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Sun, 18 Apr 2010 11:41:02 +1200

On 17/04/2010, at 8:17 AM, Kevin Kelly wrote:

Why not use a program like KeePass and use random strong passwords for everything?  I just need to know two
passwords, one to log on to my computer and the pass phrase to open KeePass.  KeePass provides copy and paste of
user name and passwords, so I don't even know or care what most of my passwords are.

This is essentially what we do with our privileged accounts on our servers.  We require 2FA for user access (then sudo)
and root/administrator are set to random passwords by SecretServer http://www.thycotic.com/.  These are for emergency
access only, as admins are expected to use their personal accounts for admin tasks.


Russell Fulton

Information Security Officer, The University of Auckland
New Zealand
