Comment Fun, no, prudent, yes (Score 3, Interesting) 159
I don't have any fun/funny password tales to share, but I can share a story about true password protection.
The year was 1999. I was working at a computer-related company, I won't call it a "startup" or a "dotcom" but it was similar. There were three sysadmins, and the owner didn't trust any one admin with the ability to login as root by himself. So a compromise was reached.
Each of the three admins chose a password. The three passwords were combined into one monster, master, root password. In order to login as root, all three admins needed to be present, to type their portion of the password in the correct order. Once all three admins typed in, a root login was achieved and whatever duty was necessary would be performed.
So, what if one of the 3 admins got hit by a bus on the way to work? There was a contingency plan. Each of the three of us entrusted our password to one of the other two. In the event of an emergency, assuming two of the three admins were present, the full password could be reconstructed. For example,
Admin A's password was apple, and he told that to Admin B
Admin B's password was blueberry, and he told that to Admin C
Admin C's password was cherry, and he told that to Admin A
So if Admin B got runover by a train, Admin A and Admin C could still login as root (because Admin C knew Admin B's password part), change the root password, and do whatever needed to be done.
The benefit was that, unless there was some sort of conspiracy, no one admin could ever login as root by himself and do anything crazy.
--
Rate Naked People at FuckMeter! (NSFW)
The year was 1999. I was working at a computer-related company, I won't call it a "startup" or a "dotcom" but it was similar. There were three sysadmins, and the owner didn't trust any one admin with the ability to login as root by himself. So a compromise was reached.
Each of the three admins chose a password. The three passwords were combined into one monster, master, root password. In order to login as root, all three admins needed to be present, to type their portion of the password in the correct order. Once all three admins typed in, a root login was achieved and whatever duty was necessary would be performed.
So, what if one of the 3 admins got hit by a bus on the way to work? There was a contingency plan. Each of the three of us entrusted our password to one of the other two. In the event of an emergency, assuming two of the three admins were present, the full password could be reconstructed. For example,
Admin A's password was apple, and he told that to Admin B
Admin B's password was blueberry, and he told that to Admin C
Admin C's password was cherry, and he told that to Admin A
So if Admin B got runover by a train, Admin A and Admin C could still login as root (because Admin C knew Admin B's password part), change the root password, and do whatever needed to be done.
The benefit was that, unless there was some sort of conspiracy, no one admin could ever login as root by himself and do anything crazy.
--
Rate Naked People at FuckMeter! (NSFW)
