Nikolai Weibull wrote:
In particular, any network admin simply has to record passwords and other
sensitive information - you can't reliably remember more than two or
three
passwords, particularly when you're not using them often.
I don't understand what you're trying to say in the first part of your
sentence.
I promise the list that I won't post about this again, but FWIW I'm not
telling you how I work, I'm describing how most people in the business
say they work (from talking to people, and following lists etc).
Most networks have lots of devices which require accounts.
A router, a firewall, a mail server, ten other servers, etc. Then there
are your various email accounts - some important, some junk.
Single sign-on can integrate many, or even most of these. But not all.
So, most network admins need to record all the account details,
possibly with notes, e.g. just how do you log on to that wireless
access point that you last configured six months ago.
There are many "password safe" utilities for this, but I like a simple
text
file with the secrets encrypted, yet easily viewable (without changing
the
file).
Which defeats the whole point of having multiple passwords, as if
someone figures out the master password then the other passwords will
also be available.
Given that you're going to reveal the password to anyone with
a knife, there doesn't seem to be much point in having bullet
proof security. I'm sure many people do as you suggest, but
take it from me that many other people do not use the same
password on their firewall and their mail server etc.
So it's better to use one good password/passphrase
and stick with it.
Diceware is a really nice system:
http://www.diceware.com/
John
