RE: NOC password management

If you have some money, this system has lots of promise. We've got it
but have not finished implementation

Look at PAR - hardware based system
Can automatically change AD system/resource passwords
If you authorize someone access to an account they can sign in and
retrieve a password - you can then have the password on the device
change (think it will also do UNIX) so essentially you have a one time

An automated, appliance-based solution
Automatically generates, updates,
and checks admin passwords
Contains a dual-control release
mechanism for regulatory compliance
Protects passwords during transmission
and while in storage
Ubiquitous, secure password accessibility
Secure File Storage & Release Controls

I don't usually deal with the financials - so I don't know how much it
cost but for a medium to large environment I expect it would pay for
itself very quickly.

Kay Cornwell, MS, GSEC, GSLC, GSAE
Bethesda, MD

-----Original Message-----
From: List Subscriptions []
Sent: Wednesday, March 14, 2007 10:20 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: NOC password management

As the security administrator I constantly get complaints from the
network admins about how hard it is to remember all the passwords.
What are the best practices for enterprise password management? What
products are available? They came to me with Mandylion labs password
management token ( Has anyone used this
product or have any insight into the best solution?

Thanks in advance