[ale] password management

Dow Hurst dhurst at kennesaw.edu
Thu Jul 24 19:28:00 EDT 2003 

I still use the notebook method.  I pick everyone's password and they 
have to stick with it since they won't ever know when I am updating and 
copying /etc/passwd and /etc/shadow between machines.  My biggest worry 
with security of passwords is the carelessness of users.  Many times I 
have found slips of paper or sticky notes with passwords written on them 
stuck on monitors in the labs or just laying on the counters.  Education 
of users about security is always difficult.  My methods for password 
management are still primitive since we have a small group and few services.
Dow


Christopher Bergeron wrote:

> Does anyone have any good tips on how to manage passwords?  I did a 
> quick tally today of how many passwords we need to keep track of and I 
> stopped at the 100 mark.  We use passwords for different boxes, vendor 
> services (T1 management websites, etc)., client files (pgp), client 
> websites, phone systems, jetdirect boxes, all-in-one copiers, email 
> clients, routers, vpns, etc...  I'd like to implement LDAP here, but I 
> can't convince management to let me spend time on it (just to make my 
> life easier).
>
> Sooo....
>
> What I was wondering is if anyone has any tips on how they keep track 
> of many UID/signon/passwords.  I've seen keychains, etc, but I'm sure 
> I want to key about 100 passwords into a little keychain.  I currently 
> have them all written down on 1 page of a notebook (that I guard with 
> my life).  I know it's probably not best practice, but it's impossible 
> to keep all that stuff in [my] memory.  Does anyone have a good 
> algorithm for creating passwords that might make my life easier?  If 
> comporomised it would probably mean a world of hurt, but I need to 
> come up with some kind of solution...
>
> What do you guys use (aside from LDAP or Radius)?  Any suggestions?
>
> Thanks,
> -CB
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428
Systems Support Specialist    Fax: 770-423-6744
1000 Chastain Rd. Bldg. 12
Chemistry Department SC428  Email:   dhurst at kennesaw.edu
Kennesaw State University         Dow.Hurst at mindspring.com
Kennesaw, GA 30144
*****************************************************************
This message (including any attachments) contains confidential  *
information intended for a specific individual and purpose,     *
and is protected by law.  If you are not the intended recipient,*
you should delete this message and are hereby notified that     *
any disclosure, copying, or distribution of this message, or    *
the taking of any action based on it, is strictly prohibited.   *
*****************************************************************


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list