Here's a scenario... This all goes to internal control. You will have stripped any form of accountability from your system. Employees will be able to accuse the manager of doing something and the manager is in an almost indefensible position (whether or not he did the thing he was accused of). There's exactly the reason why admins don't know employee passwords and have the ability to reset them. It is so the admin is accountable to the user (who may or may not be higher up in the organizational chart) as to who is accessing their information. Enabling a manager to know employee's passwords opens your organization up to potentially unlimited liability.
On Fri, Jan 8, 2010 at 1:38 PM, John Aldrich <[email protected]>wrote: > On Friday 08 January 2010, you wrote: > > There's no way to do what he has requested, and it's a security issue > > waiting to happen. > > > That's what I thought. Hell, this guy doesn't even want to have to change > his own password. I gave up on him, but there's no way in hell I'm going to > not make the rest of the userbase change their passwords every 90 days. :-) > Guess he'll just have to make sure he keeps an updates username/password > list. :-( > Fortunately, we're only talking about maybe half a dozen computers. I CC-ed > my boss who, I believe, is technically higher on the food chain than the CS > Manager, and explained my concerns, but I have a feeling I'm going to be > overruled. > > -- > Thanks, > John Aldrich > Blueridge Industries > IT Manager > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
