Security Basics mailing list archives

admin account password management


From: "Lars Weste" <lweste () gmx de>
Date: Tue, 8 Feb 2005 05:53:35 +0100 (MET)

Hi,

Developing a password policy, I'm wondering which rules you have to
secure admin level accounts on a bunch of client hosts and other hardware
like switches or disk storages. More or less, I came across three
solutions:

1. Define classes of admin level accounts for devices and client hosts
depending on their security. Define a password for every class and use
that password at any device in that class.
2. Define classes of admin level accounts for devices and client hosts,
define one or more password generation rules depending on the classes
of the account, and generate different passwords for each device according
to the rules at each class of device.
3. Define for any admin account at any device and client host an
independent and strong password.

Just looking at the passwords, point 3, independent ones, seems most
secure, but also most cumbersome to the administrator.

So just wondering whether someone can share some practical experiences?

Regards
Lars
