Security Basics mailing list archives
Re: admin account password management
From: Aaron Berg <aaron () voyageurweb com>
Date: Fri, 11 Feb 2005 16:12:15 -0600
This is where security through obscurity shines through. I'd suggest creating a scheme that means something to you that would be completely and utterly obscure to anyone else. Try a favorite poem and mix and match to create a password scheme. Also try storing sensitive information in either a passworded database or in a obscure file similarly named to a common system file such as something in /usr/lib.
Mind you if anyone gets into your computer or probably a handful of any system computers in a your business you can assume they have all your passwords and business information anyways. :-)
Oh and always remember that a good root kit will make it so that your system looks normal when it is actually taken. So no computer is really safe to store passwords and or system/network information on either.
Let the paranoia begin. Hope this helps, Aaron Jonathan Loh wrote:
Unless you are fortuneate enough to have your own office where you never leave your door open or unlocked when you are out and never let anyone shoulder surf, I would not suggest this. But even then the janitorial staff usually has a key and they can get in so this is never a wise choice. Unless of course it's in a 1 pt font where you have to squint your eyes to even look at it, and doing that for any prolonged period of time will drive you nuts! Taped to your monitor is not a very secure place. --- Jeff Gercken <JeffG () kizan com> wrote:Save the password - machine list in a secure place, like taped to your monitor.__________________________________ Do you Yahoo!? All your favorites on one personal page – Try My Yahoo! http://my.yahoo.com
-- Aaron Berg VoyageurWeb Engineering 209 South Second St., Suite 314 P.O. Box 205 Mankato, MN 56002-0205 (507) 344-2280 http://www.voyageurweb.com
Current thread:
- admin account password management Lars Weste (Feb 09)
- Re: admin account password management Alexander Klimov (Feb 10)
- <Possible follow-ups>
- RE: admin account password management Jeff Gercken (Feb 10)
- RE: admin account password management Jonathan Loh (Feb 11)
- Re: admin account password management Aaron Berg (Feb 14)
- RE: admin account password management Jonathan Loh (Feb 11)
- RE: admin account password management Reece, Terry (Feb 11)