[TriLUG] Securely and Accurately transmit passwords

Kevin J. mrkevinj at yahoo.com
Tue Oct 2 08:28:22 EDT 2007


Go to two-factor authentication...MUCH easier for your users and much more secure.

We use RSA SecurID, but you may want to check out http://www.wikidsystems.net/ for an open source option. 

Kevin

----- Original Message ----
From: Chris Knowles <chrisk at trilug.org>
To: trilug at trilug.org
Sent: Monday, October 1, 2007 2:17:49 PM
Subject: [TriLUG] Securely and Accurately transmit passwords

Seeking advice, anecdotes, ideas...

Here's my situation.  I have a pool of 20+ people that are off-site.

I occasionally have need of communicating to them system password
changes.

In the past, we've sent them cards with the passwords printed on them,
with admonishments to destroy cards after the item has been committed to
memory.  

Recently we've started seeing that they've taken these cards, taped them
into their laptops in plain sight.  (And occasionally annotated them
with much too much information as to what that password would buy you.)

Since the passwords are complex, phone conversations tend to lead to a
lot of phonetic spelling and shouting.  

Since the some of users have POP accounts for their e-mail I don't want
to use e-mail as a secure method of sending them passwords..

So, what do *you* use for password distribution?

CJK







       
____________________________________________________________________________________
Got a little couch potato? 
Check out fun summer activities for kids.
http://search.yahoo.com/search?fr=oni_on_mail&p=summer+activities+for+kids&cs=bz 


More information about the TriLUG mailing list