[unisog] Password Vaults

Trevor Odonnal trevoro at byu.edu
Tue Oct 7 13:55:19 GMT 2008


No.  I mean the software actually changes the password.  As mentioned by another poster before, the user will most likely write down the password when he uses it.  Knowing human nature, he will probably try to use it again later without following the proper check out procedure.  To protect against the bypassing of the procedure, the password is automatically changed when it's checked back in.

Maybe I was too detailed in my question.  What I'm looking for mainly is anybody in this group that is using an electronic password vault to report on its stability and whether or not it has ever caused a problem in your systems if the solution failed.  How well has your backup solution worked?  I'm looking for real world experience with this kind of solution that might help us determine if it's trustworthy or not.

--------------------------------------
Trevor O'Donnal CISSP, CCFS, GREM
Network Security Analyst
Brigham Young University
(801) 422-1477
trevoro at byu.edu
-----Original Message-----
From: unisog-bounces at lists.dshield.org [mailto:unisog-bounces at lists.dshield.org] On Behalf Of Ali, Saqib
Sent: Monday, October 06, 2008 4:57 PM
To: UNIversity Security Operations Group
Subject: Re: [unisog] Password Vaults

> 2. The software changes the password automatically when it is checked back in to the vault


Can please elaborate on this. Not sure what you mean....... Do you
mean encrypt the password when it is checked back in?


saqib
http://doctrina.wordpress.com/
_______________________________________________
unisog mailing list
unisog at lists.dshield.org
https://lists.sans.org/mailman/listinfo/unisog



More information about the unisog mailing list