You grant junior-admins or helpdesk operators the ability to reset user passwords. The users should not be allowed to change administrative, service, or system passwords.
In the NT world there is a default usergroup named "Account Operators" that have this ability.
In a production environment the admin passwords should only be used when making changes or for emergency fixes. Both of these situations would require management approval or notification and the admin password could be "checked out".
We have a little over 3500 servers worldwide at my company and this is the process we have in place. And the process works.
And then what are you going to tell your shareholders when the news comes out that your database was cracked in a couple of minutes by a script kiddy? And then it happens again, and again, and again?
If you follow good computing practices this problem would never happen.
1. Every application or system should have an administrative userid with the ability to change all passwords.
2. This userid should be guarded like fort knox.
3. The password for this userid should be changed on a regular basis.
4. At least two people should be involved in the password change, and preferably each one should only know half of the password.
5. Each time the password is changed it should be recorded in twice. One record should be stored locally in a secure place such as a safe. The other copy should be stored in an easily accessible secure offsite storage facility.
6. A third party should be responsible for verifying the process has been completed and report to management any deviation from the procedures.
7. Management approval should be required for retrieval of the password and the password should be immediately changed after usage.
This may sound a little extreme, but it is very easy to implement. If these or similar procedures are followed you will never lose the password and you won't have to resort to using week passwords.
Slashdot Mirror
You grant junior-admins or helpdesk operators the ability to reset user passwords. The users should not be allowed to change administrative, service, or system passwords.
In the NT world there is a default usergroup named "Account Operators" that have this ability.
In a production environment the admin passwords should only be used when making changes or for emergency fixes. Both of these situations would require management approval or notification and the admin password could be "checked out".
We have a little over 3500 servers worldwide at my company and this is the process we have in place. And the process works.
And then what are you going to tell your shareholders when the news comes out that your database was cracked in a couple of minutes by a script kiddy? And then it happens again, and again, and again?
If you follow good computing practices this problem would never happen.
1. Every application or system should have an administrative userid with the ability to change all passwords.
2. This userid should be guarded like fort knox.
3. The password for this userid should be changed on a regular basis.
4. At least two people should be involved in the password change, and preferably each one should only know half of the password.
5. Each time the password is changed it should be recorded in twice. One record should be stored locally in a secure place such as a safe. The other copy should be stored in an easily accessible secure offsite storage facility.
6. A third party should be responsible for verifying the process has been completed and report to management any deviation from the procedures.
7. Management approval should be required for retrieval of the password and the password should be immediately changed after usage.
This may sound a little extreme, but it is very easy to implement. If these or similar procedures are followed you will never lose the password and you won't have to resort to using week passwords.