Educause Security Discussion mailing list archives
Re: Password Management
From: "Pardonek, Jim" <jpardonek () LUC EDU>
Date: Tue, 26 Feb 2019 16:18:15 +0000
We are getting ready to roll out lastpass to our 20,000 students, faculty and staff. Not to hijack the thread, but does anyone have any information on how they evangelized this to the population. Also do any of you have a policy on the sharing of passwords. Best! James Pardonek, MS, CISSP, CEH, GSNA Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 •: (773) 508-6086 Loyola University Chicago will never ask you for your username or password. For the lastest information security news at Loyola, please follow us online, Twitter: @LUCUISO Facebook: https://www.facebook.com/lucuiso/ Our Blog http://blogs.luc.edu/uiso/ From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Greg Williams Sent: Monday, February 25, 2019 2:43 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Password Management It’s really not so much about price as it is the 100% increase every year. I don’t want to keep paying for something that increases that much every year. If it works out that LastPass is still the best option for our requirements, we’ll continue. I appreciate all the feedback from everyone so far, just want to make sure we are investigating all options! Greg Williams, ME Director of Operations Office of Information Technology University of Colorado Colorado Springs 1420 Austin Bluffs Parkway, (EPC 136A) Colorado Springs, CO 80918 Phone: (719) 255-3292 www.uccs.edu<http://www.uccs.edu/> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Austin Bollinger Sent: Monday, February 25, 2019 1:37 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Password Management If price is a concern, I am curious if you have investigated into Passwordstate<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.clickstudios.com.au%2F&data=02%7C01%7Cgwillia5%40UCCS.EDU%7C97cf1e06a3e94154cfa308d69b610c0b%7C529343fae8c8419fab2ea70c10038810%7C1%7C1%7C636867238460049451&sdata=1G36tOP4fQURSHWCfnjCo4JGFsF%2B2A9m8%2BEvXZd%2FUJ4%3D&reserved=0>? Built by an Australian software development company that began back in May of 2000 and I really admire their transparency<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.clickstudios.com.au%2Fabout-us.aspx&data=02%7C01%7Cgwillia5%40UCCS.EDU%7C97cf1e06a3e94154cfa308d69b610c0b%7C529343fae8c8419fab2ea70c10038810%7C1%7C1%7C636867238460059465&sdata=flUIu8cxBil4SgRShG5yoyE0RNAMBqRC2jRv3UYD2pY%3D&reserved=0> - Click Studios. Their pricing maxes out at $5,700 at time of email (once off cost) for unlimited users. Beyond that, yearly upgrade protection is $1,140. The pricing and yearly upgrade plan decreases in pricing if less users. If not checked into, they have a free demo for up to 5 users. Not a bad option to save! Still has your typical PAM features and more.. Regards, Austin Bollinger IT Security Analyst IT at Grand Rapids Community College austinbollinger () grcc edu<mailto:austinbollinger () grcc edu> | https://grcc.edu/informationtechnology/informationsecurity<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgrcc.edu%2Finformationtechnology%2Finformationsecurity&data=02%7C01%7Cgwillia5%40UCCS.EDU%7C97cf1e06a3e94154cfa308d69b610c0b%7C529343fae8c8419fab2ea70c10038810%7C1%7C1%7C636867238460059465&sdata=Dq9yjeZP%2FKC01%2BqODiJQEBLehKo%2FpFd3sVSrZipKf28%3D&reserved=0>
"Madl, Michael" <michael.madl () INDWES EDU<mailto:michael.madl () INDWES EDU>> 2/25/2019 3:14 PM >>>
IWU is in the beginning stages of implementing Keeper Security. One of the reasons we choose it was the price point. About 48$/yr/usr and we are only using in IT for now. MICHAEL MADL INFORMATION SECURITY OFFICER UNIVERSITY INFORMATION TECHNOLOGY [cid:image001.jpg@01D4CDBC.957F9860] DO NOT provide your username, password, or any personal information requested by any email. IWU WILL NEVER ask you for your username or password via email. DO NOT CLICK links or attachments unless you are positive the content is safe. CONFIDENTIALITY NOTICE: This email, including applicable attachments, may include legally protected information. If you are not the intended recipient of this message, you may not disclose, print, copy, save, or disseminate this information. If you have received this email in error, please notify the sender by replying to this message and immediately delete this message. From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Greg Williams Sent: Monday, February 25, 2019 10:55 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Password Management ** This message originated from outside the Indiana Wesleyan University email system ** ________________________________ Looks like this topic hasn’t been discussed in a while (~2 years). We *have* had around 100 users in LastPass Enterprise for our IT department for the past 4 years. This is the 4th year in a row that the price has increased 100% year over year. It was $8/year/user 4 years ago. So over 4 years $8*2*2*2 = ~62/year/user today. What is everyone else using these days? Are you using DUO with it as well? Thanks! Greg Williams, ME Director of Operations Office of Information Technology Lecturer Department of Computer Science University of Colorado Colorado Springs 1420 Austin Bluffs Parkway, (EPC 136A) Colorado Springs, CO 80918 Phone: (719) 255-3292 Connect: Skype<skype:gwillia5 () uccs edu?chat> | WebEx<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuccs.webex.com%2Fmeet%2Fgregwilliams&data=02%7C01%7Cgwillia5%40UCCS.EDU%7C97cf1e06a3e94154cfa308d69b610c0b%7C529343fae8c8419fab2ea70c10038810%7C1%7C1%7C636867238460069470&sdata=vb0AFH4yDCLQDjRSucxJ%2FKsSVgSLZVBrsvWSLgWNcHo%3D&reserved=0> www.uccs.edu<http://www.uccs.edu/> This email has been received from a sender outside of the GRCC network. Use caution before clicking links/attachments
Current thread:
- Re: Password Management, (continued)
- Re: Password Management Maud, Phil (Feb 27)
- Re: Password Management Kevin Crider (Feb 27)
- Re: Password Management Maud, Phil (Feb 27)
- Re: Password Management Barton, Robert W. (Feb 27)
- Re: Password Management Gunnells, David H (Feb 27)
- Re: Password Management Kevin Crider (Feb 27)
- Re: Password Management Austin Bollinger (Feb 25)
- Re: Password Management Greg Williams (Feb 25)
- Re: Password Management Austin Bollinger (Feb 25)
- Re: Password Management Pardonek, Jim (Feb 26)
- Re: [External] Re: [SECURITY] Password Management Gregg, Christopher S. (Feb 26)
- Re: Password Management Frank Barton (Feb 25)
- Re: Password Management Hagan, Sean (Feb 25)
- Re: Password Management Blake Ketcham (Feb 25)
- Re: Password Management Linc Nesheim (Feb 25)
- Re: Password Management Emily Harris (Feb 25)
- Re: Password Management Walter Moore (Feb 25)
- Re: Password Management Jackson Muhirwe (Feb 25)