Implementing Password Management

Oct. 8, 2017 0 comments ADMIN Magazine Detection & Response incident handling

Typing in login names and passwords has, for many years, been the most common form of authentication in IT environments with normal protection requirements. Alternatives such as tokens, smart cards, electronic cards, and various types of biometrics have not changed this. There is virtually no alternative to passwords: Low implementation costs, sufficiently high user acceptance, and the relative rarity of significant security incidents suggest that passwords are unlikely to become extinct in the near future. Emergency password management covers situations in which third parties not directly involved in service operations need access to systems under exceptional circumstances to prevent greater damage. For example, the objective could be for a 24/7 security team to access compromised servers, even if the system administrator is not available. In Case of Emergency The classic solution to this problem is a list of passwords in a sealed envelope that is deposited in a vault and handed ov...

http://www.admin-magazine.com/Articles/Centralized-Password-Management/(tagID)/2