Slashdot Mirror


Password Storage for Fun and Profit?

adwb asks: "I work for a small company which performs network installations and support for clients in the Seattle area. We have a handful of network admins and programmers who go out to clients' offices to solve problems as needed. A problem we have been trying to deal with is the various administrator passwords for different client networks at different domain levels. It seems the easiest solution is not the most secure: just dump every client's administrator password into a text file and store it in a secure network location inside our local domain. Can any of you experienced network admins recommend a method (either pre-built software or custom database/interface solution) of storing client authentication information in a way that can be easily accessed by our employees (preferably from any computer, including their Pocket PCs) but secure from the outside world?" For those of you interested in protecting your personal passwords, an answer might be found in this tidbit from jswinth, but there are issues here, too: "The Wired article about Never Forget Another Password talks about the Just1Key service allowing all your passwords to be accessible from any PC. They use an applet and encrypt the password information before it leaves the local PC. What about when you cannot trust the PC, like when using a public terminal? I would hate to have all my passwords compromised because I couldn't remember my password to my free New York Times account at the library."

5 of 75 comments

  1. So.... by ArsonSmith · · Score: 2, Interesting

    You're asking how can I let everyone know the passwords, yet still be secure?

    Sounds like you have an architectural problem, not a password problem. Not sure how to fix it; we are cursed with the same thing here. Some is being addressed, but it is slow, and making sure every application supports a centralized authentication system is the hardest part.

    --
    Paying taxes to buy civilization is like paying a hooker to buy love.
  2. Use Gmail by LennyDotCom · · Score: 2, Interesting

    Open a Gmail account with an obscure name, upload the info, and you can access it anywhere.

    --
    http://Lenny.com
  3. Here's what we do by Anonymous+Crowhead · · Score: 4, Interesting

    We have an encrypted text file stored locally with all passwords written on it like this:

    1. password

    2. password2

    etc.

    On an SSL, password-protected web site not hosted by us, we have a web page with:

    Server x, root, password #1

    Server x, admin, password #2

    etc.

    The people who need it keep all or part of the printed out text file in their wallets. I'm sure someone will point out some flaw, but it is pretty disconnected.

  4. Novell: Passwords NEVER Travel the Wire!!! by mosel-saar-ruwer · · Score: 2, Interesting

    They use an applet and encrypt the password information before it leaves the local PC.

    Being an old Novell MCNI/MCNE/etc., I was inundated, inculcated, and imbued by the overarching mantra: PASSWORDS NEVER TRAVEL THE WIRE!!! ONLY HASHES OF PASSWORDS TRAVEL THE WIRE!!!

  5. Why not ask? by minus9 · · Score: 3, Interesting

    "We have a handful of network admins and programmers who go out to clients' offices to solve problems as needed."

    This is how I would do it...

    The people who go out on site, ask the client what the password is. If they are trusted then the password will be provided. If they are some halfwit who wants to "dump every client's administrator password into a text file" then they will be told to get the fuck away from my network and leave the building.

    They could also carry the passwords in a file using a modern concept called encryption, a new invention, only a few thousand years old.

    To think that I have recently been modding posters down for bitching about Slashdot no longer being "News for nerds".

    There are also sites on the internet which can provide links to software which can fulfill this need.

    Sorry for being such a sarcastic twat, but Slashdot is sinking to the level of "My processor is running out of memory, should I buy a bigger monitor?"

    People come here to get away from this stupid crap.
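
An added example, not part of any comment in this thread: a generic challenge-response login illustrating the rule quoted in comment 4, that only a hash derived from the password crosses the wire. It is not Novell's actual protocol; the `Server` class, `client_response` and the sample credentials are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def derive_verifier(password: str, salt: bytes) -> bytes:
    """Slow salted hash; the server stores this instead of the plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Server:
    def __init__(self):
        self.accounts = {}  # user -> (salt, verifier)
        self.pending = {}   # user -> outstanding one-time nonce

    def enroll(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.accounts[user] = (salt, derive_verifier(password, salt))

    def challenge(self, user: str):
        """Message 1 (server -> client): the account salt and a fresh nonce."""
        nonce = secrets.token_bytes(32)
        self.pending[user] = nonce
        return self.accounts[user][0], nonce

    def verify(self, user: str, response: bytes) -> bool:
        """Check message 2. The nonce is consumed, so a captured reply
        cannot be replayed against a later login."""
        nonce = self.pending.pop(user, None)
        if nonce is None:
            return False
        verifier = self.accounts[user][1]
        expected = hmac.new(verifier, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def client_response(password: str, salt: bytes, nonce: bytes) -> bytes:
    """Message 2 (client -> server): HMAC of the nonce keyed by the password hash."""
    return hmac.new(derive_verifier(password, salt), nonce, hashlib.sha256).digest()


if __name__ == "__main__":
    srv = Server()
    srv.enroll("admin", "constructed-pass")  # constructed sample credentials
    salt, nonce = srv.challenge("admin")
    reply = client_response("constructed-pass", salt, nonce)
    print("login accepted:", srv.verify("admin", reply))
    print("replay accepted:", srv.verify("admin", reply))
```

In this simple scheme the stored verifier is itself sufficient to answer challenges, so the server's account table needs the same protection as a password file.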