While you're at it, you might as well collect everyone's ATM PIN for safekeeping.
Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Parker Sent: Thursday, October 23, 2003 8:12 AM To: Exchange Discussions Subject: RE: Password Mainenance Your points are valid Ben. I started here 6 years ago and it was my 1st admin job. Having a list of all passwords semmed like the right thing to do at the time. And yes, management is aware of the list. I think I am going to take your advice on the GP password management. Just gotta hand it off. I know where in GP the password policy is, but right now, in the user acounts, "Password never expires" is checked. In order fro GP to do it's job, I will need to uncheck that. Correct? John Parker, MCSE IS Admin. Senior Technical Specialist Digital Display Systems. Alpha Video 7711 Computer Ave. Edina, MN. 55435 952-896-9898 Local 800-388-0008 Watts 952-896-9899 Fax 612-804-8769 Cell 952-841-3327 Direct [EMAIL PROTECTED] "Be excellent to each other" ---End of Line--- -----Original Message----- From: Ben Winzenz [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2003 9:33 AM To: Exchange Discussions Subject: RE: Password Mainenance Why is it necessary that you keep a list of all the passwords? It is one thing to have a list of service account passwords, and such, but all users is quite another thing. It is a HUGE security risk. Imagine what would happen if someone got ahold of the document that had everyones passwords. If you are using Exchange (valid assumption I think since this is an Exchange list), then you are using either NT or Windows 2000. Why can't you have your users manage their own passwords? Every client that logs in to the domain should have the ability to change their password - even 9x clients can change their passwords. This is not something that you should be doing or should have to do - now of course that is only my opinion and you are free to do as you like, but I would rather choke myself than have to maintain all my users passwords for them. Does HR know that you maintain a list of everyone's password? Does your corporate lawyer know? If not, you better make sure they do. I realize I am probably not being helpful to what you are wanting to do, but I (and probably most of the others on this list) have never run across a sysadmin who insisted on maintaining a list of all his/her users passwords. So if you like, simply dismiss this as a rant from me - it won't hurt my feelings if you do. I certainly wouldn't wish for your job if I was required to do what you are doing. Ben Winzenz Network Engineer Gardner & White (317) 581-1580 ext 418 -----Original Message----- From: John Parker [mailto:[EMAIL PROTECTED] Posted At: Thursday, October 23, 2003 8:46 AM Posted To: Exchange (Swynk) Conversation: Password Mainenance Subject: RE: Password Mainenance No. We have always manually created the passwords in the past and kept a list. Doesn't make me a hacker of any sort. The company is getting so big, Just looking for a way of automating it yet maintaining a password structure. I am one person managing two departments and too many servers and sorkstations :) John Parker, MCSE IS Admin. Senior Technical Specialist Digital Display Systems. Alpha Video 7711 Computer Ave. Edina, MN. 55435 952-896-9898 Local 800-388-0008 Watts 952-896-9899 Fax 612-804-8769 Cell 952-841-3327 Direct [EMAIL PROTECTED] "Be excellent to each other" ---End of Line--- -----Original Message----- From: Ben Winzenz [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2003 8:40 AM To: Exchange Discussions Subject: RE: Password Mainenance What, you mean report what all the new passwords are to you? Are you out of your mind? I sure hope you are kidding. If you seriously want to get a list of ALL passwords, why don't you go out and buy LophtCrack - after all, what you are wanting is something to make you a hacker of the company you work for. Ben Winzenz Network Engineer Gardner & White (317) 581-1580 ext 418 -----Original Message----- From: John Parker [mailto:[EMAIL PROTECTED] Posted At: Thursday, October 23, 2003 7:47 AM Posted To: Exchange (Swynk) Conversation: Disappearing email Subject: Password Mainenance Hey all, I am nearing a time when once again, I need to do a password change for my company. Is there any password automation out there, that will allow me to setup a password structure, changes the passwords and give me a report of the new ones? There has to be something out there like that... Thanks John Parker, MCSE IS Admin. Senior Technical Specialist Digital Display Systems. Alpha Video _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=& lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=& lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=& lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]