Slashdot Mirror

← Back to Stories (view on slashdot.org)

Password Storage for Fun and Profit?

Posted by Cliff on from the accessible-but-secure dept.

adwb asks: "I work for a small company which performs network installations and support for clients in the Seattle area. We have a handful of network admins and programmers who go out to client's offices to solve problems as needed. A problem we have been trying to deal with is the various administrator passwords for different client networks at different domain levels. It seems the easiest solution is not the most secure: just dump every client's administrator password into a text file and store it in a secure network location inside our local domain. Can any of you experienced network admins recommend a method (either pre-built software or custom database/interface solution) of storing client authentication information in a way that can be easily accessed by our employees (preferably from any computer, including their Pocket PC's) but secure from the outside world?" For those of you interested in protecting your personal passwords, an answer might be found in this tidbit from jswinth, but there are issues here, too: "The wired article about Never Forget Another Password talks about the Just1Key service allowing all your passwords to be accessible from any PC. They use an applet and encrypt the password information before it leaves the local PC. What about when you cannot trust the PC, like when using a public terminal? I would hate to have all my passwords compromised because I couldn't remember my password to my free New York Times account at the library."

1 of 75 comments (clear)

  1. Paper... by joto · · Score: 5, Funny
    You see, there is a form of written communication that predates the computer, and is very secure once you've taken care of the physical security. It is also portable, easy to carry, does not require electricity, or any form of advanced machinery. It will survive in temperatures from far below human tolerance, to +70 celcius. It can be damaged by exposure to water, but because of it's flexible form, can easily be stored in an airtight container. This miracle medium is called: PAPER!

    You write the passwords you need on a piece of paper. If there are lots of passwords to be remembered, an electronic device called a "printer "can transfer the passwords from a computer at your office building to the paper.

    The paper is carried by the admin to whatever clients he need to go to. Once at the client, he fetches this piece of paper, and use his eyes to retrieve the passwords he need. The passwords are typed manually by the admin into the clients computer.

    As your admin finishes his job, the paper containing the passwords can be easily destroyed. A device specifically made for this, called a "paper shredder" exists in many offices, and your admin is likely to find one at the clients office.

    If a client does not have a paper shredder, the admin may choose to use the fallback solution of tearing apart the paper with his hands, followed by flushing it down the toilet. Another solution is to ignite the paper with a device called a "lighter", something that can usually be found at the back entrance of the clients building (just ask one of the smokers there).

    I hope this suggestion helps!