Educause Security Discussion mailing list archives
Re: Managing passwords. Storing passwords.
From: Isac Balder <piis8 () YAHOO COM>
Date: Tue, 4 Mar 2008 09:32:32 -0800
Charlie, I have not seen too many companies "authorize" these types of apps. I personally have never tinkered with them. The main reason for my reply is that ISSA Journal or Information Security Magazine (I forget which one as I am in the middle of both) just did an article on a hand full of these. Might want to check it out. I.B. --- "Warner, David F" <DWarner () COMMNET EDU> wrote:
We have been using password safe. http://passwordsafe.sourceforge.net/ I have also heard keepass is a good solution. http://sourceforge.net/projects/keepass/ both are open source projects available for free. David Warner Senior Security Specialist CT Community Colleges ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bombard, Charles L Sent: Tuesday, March 04, 2008 11:40 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Managing passwords. Storing passwords. I was wondering more along the lines of the process that system administrators use to secure passwords they need to use/remember. Recommended applications to use or avoid? Processes that you currently support? -Charlie ========================================== Charles Bombard, GSEC LAN/Systems Administrator Community College of Vermont 119 Pearl Street Burlington, VT 05401 802.657.4234 bombardc () ccv edu PRIVACY & CONFIDENTIALITY NOTICE: This message is for the designated recipient only and may contain privileged, confidential, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of an email received in error is prohibited. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jon Hanny Sent: Tuesday, March 04, 2008 9:07 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Managing passwords. Storing passwords. I am currently testing a product by edmz security (http://edmzsecurity.com) that allows multiple users to connect to systems for priveleged tasks. It is an appliance that acts as a proxy between authorized users and the system being managed. I really like the functionality of the appliance. Having said that I am having security do a full assessment on the device before I recommend deploying it on our network. You may want to look at their website and see if it looks like the type of system you are looking for. Respectfully, Jon Hanny, CISSP Applications Security Specialist The George Washington University jehanny () gwu edu www.gwu.edu <http://www.gwu.edu/> ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bombard, Charles L Sent: Tuesday, March 04, 2008 8:52 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Managing passwords. Storing passwords. What policy do you have for having a password storage utility? What do you use/sanction? -Charlie ========================================== Charles Bombard, GSEC LAN/Systems Administrator Community College of Vermont 119 Pearl Street Burlington, VT 05401 802.657.4234 bombardc () ccv edu PRIVACY & CONFIDENTIALITY NOTICE: This message is for the designated recipient only and may contain privileged, confidential, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of an email received in error is prohibited.
------------------------------------------------------------------------
------- NOTE: The sender of this email is different from the email address shown in the headers. The real sender of this message is: owner-security () LISTSERV EDUCAUSE EDU If you want to permanently block the sender of this email, you would need to add owner-security () LISTSERV EDUCAUSE EDU to your Anti-Spam Blocked Senders List. For more information see the Anti-Spam FAQ item:
http://www.commnet.edu/it/security/anti-spam-faq.asp#BlockRealSender
------------------------------------------------------------------------
-------
____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
Current thread:
- Managing passwords. Storing passwords. Bombard, Charles L (Mar 04)
- <Possible follow-ups>
- Re: Managing passwords. Storing passwords. Jon Hanny (Mar 04)
- Re: Managing passwords. Storing passwords. Bombard, Charles L (Mar 04)
- Re: Managing passwords. Storing passwords. Warner, David F (Mar 04)
- Re: Managing passwords. Storing passwords. Isac Balder (Mar 04)
- Re: Managing passwords. Storing passwords. Joseph Corey (Mar 04)
- Re: Managing passwords. Storing passwords. Josh Drummond (Mar 04)
- Re: Managing passwords. Storing passwords. Ray Bruder (Mar 05)
- Re: Managing passwords. Storing passwords. Lunceford, Dan (Mar 05)
- Re: Managing passwords. Storing passwords. Adam Schumacher (Mar 05)
- Re: Managing passwords. Storing passwords. John H. Sawyer (Mar 05)