Security Basics mailing list archives

RE: third-party password managers in the enterprise

From: "Nick Duda" <nduda () VistaPrint com>
Date: Tue, 12 Dec 2006 12:19:28 -0500


You can roll something like Keypass out in conjunction with an eToken
(I'm not affiliated with Aladdin, but do use their enterprise products).

- Nick

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of krymson () gmail com
Sent: Monday, December 11, 2006 4:10 PM
To: security-basics () securityfocus com
Subject: third-party password managers in the enterprise

Does anyone have any experience on rolling out or using (or banning) use
of third-party "secure" password managers in an enterprise 200-1000
users)? I'm just looking for ideas or feedback as this question has been
raised in our organization. Examples of such apps could be PasswordSafe
and KeePass.

These applications are simply encrypted databases which require a
user-supplied password in order to open them. The user can then populate
the database with their logins and passwords. This allows the user a
secure storage for multiple logins and they only really have to remember
the one password to unlock the database.

------------------------------------------------------------------------
---
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetec
t
------------------------------------------------------------------------
---


---------------------
Confidentiality note
The information in this email and any attachment may contain confidential and proprietary information of VistaPrint 
and/or its affiliates and may be privileged or otherwise protected from disclosure. If you are not the intended 
recipient, you are hereby notified that any review, reliance or distribution by others or forwarding without express 
permission is strictly prohibited and may cause liability. In case you have received this message due to an error in 
transmission, please notify the sender immediately and delete this email and any attachment from your system.
---------------------

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

third-party password managers in the enterprise krymson (Dec 12)
- Re: third-party password managers in the enterprise Saqib Ali (Dec 12)
- RE: third-party password managers in the enterprise Nick Duda (Dec 12)
- <Possible follow-ups>
- Re: Re: third-party password managers in the enterprise bucklerk (Dec 12)