Re: local admin account password

From: Marius Huse Jacobsen (mahuja_at_c2i.net)
Date: 11/26/03

  • Next message: shimi: "RE: local admin account password" 
    Date: Wed, 26 Nov 2003 06:39:15 -0800
To: "Eli Allen" <focus-ms@securityfocus.com>

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hello Eli,

    Tuesday, November 25, 2003, 10:47:29 AM, you wrote:

    EA> 2) Use a different password on all boxes and a big filling cabinet to
    secure
    EA> it (as its impossible to memorize). Don't think this would work in the
    real
    EA> world so not worth using.

    This is closest to what I've seen the most often (only counting those
    I could ever dream of recommending, not like a slip of yellow paper on
    every monitor...)

    Use a notebook,laptop, or even a pda. (Notebook is not the paper type)
    Use an encrypted volume on it.
    Store the list of all the passwords on it.
    Make sure the thing is always chained to you somehow. Especially while
    the encrypted volume is 'open'. One guy chained it to his belt. It was
    a 1.5m thin metal chain, allowing him to place it at the desk where he
    was working, but not allowing him to forget it or leave it behind.

    Extremely mobile as well. You don't even need to access a central
    server in order to find a password.

    This will remain very secure as long as there is no network contact
    and physical access to it is properly restricted. It's also quite
    convenient, as it's something you can easily carry along, it's quickly
    searchable, etc.

    - --
    Best regards,
     Marius mailto:mahuja@c2i.net

    -----BEGIN PGP SIGNATURE-----

    iQA/AwUBP8S7E5fZ2CSWpu1rEQJi/gCgjY0/fmXKAdLjtgDXFeq1wXDb+4cAoNPd
    xEON5Va5388sqhTheH5f412Z
    =0dBo
    -----END PGP SIGNATURE-----

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: shimi: "RE: local admin account password"

    Relevant Pages

    • Re: Secure local data
      ... To secure a system, you must lock it in a physical room and restrict ... power-cycling the machine at that time; indeed, ... True security can only be achieved by restricting physical access to any ...
      (linux.redhat)
    • Re: Blocking group policy extensions pocessing
      ... to do such task during his usual work. ... So User training is another part of making it more secure. ... restrict physical access to the system. ... Mark Heitbrink - MVP Windows Server ...
      (microsoft.public.windows.group_policy)
    • Re: [OT]? Recovering a password from a client application
      ... Administrator and physical access to a machine, ... A secure system would require the user to enter their password each ... as emails, passwords to other services etc. Modern ciphers such as ... with all your sensitive data and passwords in plain sight. ...
      (comp.mail.misc)
    • Re: How do I protect folders from teenage eyes?
      ... Is there a way that I can secure folders so that the contents, ... ZIP file encryption is actually fairly strong as encryption schemes go, ... Of course, once you get to stage 5, physical access to the machine is now ... hard drives or USB flash discs are, well, easily removable. ...
      (microsoft.public.win2000.general)
    • Re: 4 wire telco vs CAT5
      ... Of course with ethernet you need physical access. ... Ethernet was not designed to be secure. ... With a wired connection I'm not broadcasting my traffic to everyone ...
      (alt.home.repair)