[unisog] Admin Password Management

Russell Fulton r.fulton at auckland.ac.nz
Thu Feb 24 23:40:34 GMT 2005


On Wed, 2005-02-23 at 11:56 -0600, PaulFM wrote:

>   Keeping that in mind, set the 
> administrative password on windows machines to a random 128 character string 
> that you don't remember (maybe always use one character that is nearly 
> impossible to type on a keyboard) 

This is a variation on my suggestion of getting the operations folk to
change the passwords using password safe which will generate random
passwords matching a variety of criteria.  ( I don't think I explained
that bit in my post. ) Our way has the advantage that you don't need
physical access to the machine.

The key idea with both these schemes is that for normal operation *no
one* needs to know the root password.

R
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2201 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20050225/c466115d/smime.bin


More information about the unisog mailing list