Tokens for Admin accounts
From: John (sregney@gedas.es)Date: 08/23/01
- Previous message: Kirk Brady: "Re: NetMeeting and MS Instant Messenger."
- Next in thread: Radoslav Dejanović: "Re: Tokens for Admin accounts"
- Reply: Radoslav Dejanović: "Re: Tokens for Admin accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 23 Aug 2001 13:48:52 -0000 Message-ID: <20010823134852.15808.qmail@securityfocus.com> From: John <sregney@gedas.es> To: security-basics@securityfocus.com Subject: Tokens for Admin accounts
Hello Everyone,
It seems like the goal of most hacking attempts are in
some way designed to get access to Admin.
privileges. We often hear talk of good passwords
using 8 characters, non-dictionary words,
mnemonics, blah, blah, blah. Our network is fairly
large and consists of UNIX, NT, and 2000 and uses
an ACE Server and SecureID for external users.
My question:
Why not require token authentication on all
Administrator accounts?
Sure, the Adms. would have to now use a token for
both remote and local access, but wouldn’t this
eliminate most password problems like: bad; shared;
compromised passwords, etc? Am I missing
anything here?
Thanks All,
John
- Previous message: Kirk Brady: "Re: NetMeeting and MS Instant Messenger."
- Next in thread: Radoslav Dejanović: "Re: Tokens for Admin accounts"
- Reply: Radoslav Dejanović: "Re: Tokens for Admin accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
