Educause Security Discussion mailing list archives
Re: Password keepers
From: Clifford Collins <collinsc () FRANKLIN EDU>
Date: Mon, 27 Aug 2012 13:16:56 -0400
We use Password Manager Pro from ManageEngine. We have it in an active/passive configuration that allows high availability (active service at one data center and the passive/standby at the other data center). It allows for both departmental and personal accounts and a variety of access options based on role and group memberships. An access log is maintained to allow auditing (including justification and approval(optional) for access) and regulatory compliance, and it works with both local and central authentication (Active Directory/LDAP) support. For us, the tough part is getting people to discipline themselves to populate and maintain system passwords. http://www.manageengine.com/products/passwordmanagerpro/ Clifford A. Collins Information Security Officer Franklin University 201 South Grant Avenue Columbus, Ohio 43215 "Security is a process, not a product" ----- Original Message ----- From: "Stacy Slocum" <sslocum () SJFC EDU> To: SECURITY () LISTSERV EDUCAUSE EDU Sent: Monday, August 27, 2012 10:28:38 AM Subject: [SECURITY] Password keepers Hello- Could anyone share a best practice with regard to the storage and safe keeping of the collection of all system passwords? Is using a keepass type application the best approach? What about redundancy in the event you can’t get to the stored list or it is corrupt? Any advice and/or opinions would be very helpful. Thanks Stacy
Current thread:
- Password keepers Slocum, Stacy (Aug 27)
- Re: Password keepers SCHALIP, MICHAEL (Aug 27)
- Re: Password keepers Joel Rosenblatt (Aug 27)
- Re: Password keepers Shamblin, Quinn (Aug 27)
- Re: Password keepers David Curry (Aug 27)
- Re: Password keepers Daniel Bennett (Aug 27)
- Re: Password keepers Shawn Kohrman (Aug 27)
- Re: Password keepers Clifford Collins (Aug 27)
- Re: Password keepers Dave Koontz (Aug 27)
- Re: Password keepers Josh Drummond (Aug 27)
- <Possible follow-ups>
- Re: Password keepers Woodruff, Dan (Aug 27)
- Re: Password keepers Cappalli, Tim G @ LSC-OIT (Aug 27)
- Re: Password keepers SCHALIP, MICHAEL (Aug 27)