----- Original Message -----
> From: [email protected]
> auditing release of the password (who got the password when, and who
> approved it)
One of the things that I never hear discussed during conversations like this is
how exceptions are handled. Some of the exceptions I'd want to hear discussed
include:
How business continuity is maintained across catastrophic events.
How, when everything else has hit the fan, can "I" a "trusted admin" working in
the data center get access into our systems where even the networking is down?
There are times that in preparation of bring up the data center from a dead
stop, I need to log into some systems and run fsck's (or other such tasks)
before everything else is live.
Can I, after getting the root password of a system in an emergency, flag a
password as "exposed" but not "compromised" requiring the password to be
changed and re-synced at the next possible opportunity when "normal" operation
has been restored.
Is there a way to generate password displays using clear concise (unabigous)
language for reading over the phone or other verbal exchange including, should
it be required, printing. (i.e. Password=bwFq display as
"[bravo][whisky][FOXTROT][golf]")
--
<< MCT >> Michael C Tiernan.
Is God a performance artist?
http://www.linkedin.com/in/mtiernan
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
