Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: Re:And this is important because? (Score 1) 155

by azulcactus (#42526761) Attached to: NTLM 100% Broken Using Hashes Derived From Captures
The first paragraph on Wikipedia is excellent: Also important to note this is only referring to NTLMv1 which is hella old. Also just because you are running Windows XP still doesn't mean you are using NTLMv1. It's a bit more complex than that.

+ - How do large corporations manage passwords?

Submitted by
An anonymous reader writes: I'm part of a growing organization. We're currently writing and implementing various policies. Currently, I'm stumped with how to manage passwords. Different people within the IT department need different levels of access. For example, the techs don't need to know the firewall passwords. Along the same lines, I, being the security administrator, would not need the SA/sys passwords for our databases.

How to large companies deal with this? I though of creating a few spreadsheets — one for "Top Secret" passwords (i.e. routers, firewalls), another for "Classified" passwords (i.e. windows service accounts, domain admin account, database passwords, DNS management) and finally a "Sensitive" password database for general passwords (i.e. configuring new phones and other day-to-day accounts used by tech support).

Those are my thoughts but what I want to know are:

1.) Whats the typical scheme used in a large company? I'm sure it is pretty customized to each organization's needs, but there's gotta be some similarity. If not:
2.) How does your company go about this?
3.) Any suggestions?

The bomb will never go off. I speak as an expert in explosives. -- Admiral William Leahy, U.S. Atomic Bomb Project