Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Password Storage

From: "Doug W" <dougiegee () hotmail com>
Date: Tue, 01 Aug 2006 15:11:58 +0000
Hi Everyone
What do people generally do in the case of password storage? For example, I strongly believe that storing passwords in documents is a terrible idea as I am sure you would agree.
However, how do you account for having multiple support staff, possibly working off site, most with extremely bad memories (unfortunately), and in need of high level rights to fix systems etc.
I also try to enforce that all actions are taken wtih the users own privileged account for auditing purposes but when building machines, installing software or troubleshooting problems, service accounts and administrations accounts may be required.
Or, is this problem more universal than I think and forcing people to not document passwords will be an interesting challenge? 

D



---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: