Educause Security Discussion mailing list archives
Re: Password Security
From: Christopher Webber <christopher.webber () UCR EDU>
Date: Tue, 23 Oct 2007 16:16:36 -0700
As I read this I also begin to wonder... What are sysadmins doing to protect the root/admin passwords? Christopher Webber, SCSA Resnet Coordinator Housing Services University of California, Riverside Office: 951.827.6595 Fax: 951.827.7099 Some things Man was never meant to know. For everything else, there's Google. - Unknown Vicky Walker wrote:
David's response leads me to ask what the general consensus is about the safety of Password Safes and what are the best ones out there today? >>> David Seidl <dseidl () ND EDU> 10/23/2007 3:25 PM >>> I ran into Gary in the hall and mentioned what I tell people who can't remember passwords/passphrases, and who can't or won't use a Password Safe style application. The spiel goes something like this: If you can't remember your passphrases, then you should write down part, and remember the rest. A list of phrases with a common key portion missing is quite reasonable as long as it isn't easily reverse engineered. The incidence of losing both your wallet, and having someone learn your keyphrase is likely to be very low unless you're in the bad habit of muttering as you type it... If you do lose the battle over the cards, turn it into a user education opportunity - "How many of you in this room have lost your wallet, or had it stolen?" followed by "Who has their complete password written down in their wallet next to their university ID card?" should be a winning combination. David -- ------------------------------------------------------------ David Seidl, CISSP University of Notre Dame, Office of Information Technologies
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Re: Password Security, (continued)
- Re: Password Security Vicky Walker (Oct 23)
- Re: Password Security Roger Safian (Oct 23)
- Re: Password Security Mclaughlin, Kevin (mclaugkl) (Oct 23)
- Re: Password Security Logan, Kimberly (loganks) (Oct 23)
- Re: Password Security Steven Alexander (Oct 23)
- Re: Password Security Jim Dillon (Oct 23)
- Re: Password Security Doug Markiewicz (Oct 23)
- Re: Password Security Jim Dillon (Oct 23)
- Re: Password Security David Seidl (Oct 23)
- Re: Password Security Vicky Walker (Oct 23)
- Re: Password Security Christopher Webber (Oct 23)
- Password Security Mclaughlin, Kevin (mclaugkl) (Oct 24)
- Re: Password Security David Kovarik (Oct 24)
- Re: Password Security Paul Russell (Oct 24)
- Re: Password Security Shalla, Kevin (Oct 24)
- Re: Password Security Gary Dobbins (Oct 24)
- Re: Password Security Valdis Kletnieks (Oct 25)
- Re: Password Security Scholz, Greg (Oct 25)