RE: local admin account password
From: Tim Eddy (EDDYT_at_stgeorge.com.au)
Date: 11/26/03
- Previous message: Tim Eddy: "Re: local admin account password"
- Maybe in reply to: Eli Allen: "local admin account password"
- Next in thread: Erwin Fritz: "Re: local admin account password"
- Reply: Erwin Fritz: "Re: local admin account password"
Date: Thu, 27 Nov 2003 08:23:55 +1100
To: <JWHERBOLD@arkbluecross.com>, <focus-ms@securityfocus.com>, <Andre.Clark@timewarner.com>
How do you deal with VMware sessions, and SAN boot servers that can be powered off for long periods, and multi-OS machines, and BMR images?
How do you securely get your password changing script out to all machines? I assume you're using a software delivery agent that is running under local system. If you're using a script to change it, then a user could just redirect your script as it is run on the machine and get the new password.
If your password was 127 characters long, the admins would write it down on bits of paper. If it's easy enough for them to remember each week, then it can be cracked within a week.
<snip>>>>>>>>>>>>>
>>> "Clark, Andre M." <Andre.Clark@timewarner.com> 27/11/2003 4:35:30 am >>>
Folks,
I concur. This is what I do in my environment. Take note that if you have
Windows 2000, or higher systems, you can have a password up to 127
characters. Yes this is extreme but if anyone can crack a password that
long and get into your system you have other problems (i.e. how did a person
get the opportunity to spend that much time hitting against one system).
André M. Clark
Sr. Manager, Engineering & Support Services
<<<<<snip>