Re: [Full-disclosure] password vaults-
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Someone else suggests that this may just be a troll...but I'll answer it anyway: Google is your friend, David. Try googling for "password storage" and weed through the 186,000 hits until you find the product you need. Cheers On Wed, 12 Oct 2005 08:02:04 -0700 David Royer <[EMAIL PROTECTED]> wrote: >Sorry for the very noob question, but I'm having very hard times >finding >such products. > I have the pleasure and the incredible chance to support generic >(shared >admin) passwords. I'm looking for a commercial product to manage >the >distribution and protection of these passwords. Must be RSA >compatible and >Active Directory (LDAP, to retrieve info and allow access). Also >must be >able to support web (https) for users to log in and get the >passwords they >are allowed to see. > Best regards! -BEGIN PGP SIGNATURE- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkNOZBEACgkQfw4CJpLBxOM4zgCdGmrlfefcpajJBeTofm73Z0JB6DgA oL0whOvp1c48V/X3GhetVAc27F// =1OYc -END PGP SIGNATURE- Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] password vaults-
Are you talking about something like a password reset for the brilliant end user, because somehow their password mysteriously doesn't work anymore? There are several vendors (Google something like automated helpdesk password reset) that offer this type of technology, but they will not show the end users current password just allow them to change it. >Sorry for the very noob question, but I'm having very hard times finding such products. >I have the pleasure and the incredible chance to support generic (shared >admin) passwords. I'm looking for a commercial product to manage the distribution and protection of these >passwords. Must be RSA compatible and Active Directory (LDAP, to retrieve info and allow access). Also must be >able to support web (https) for users to log in and get the passwords they are allowed to see. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] password vaults-
> Sorry for the very noob question, but I'm having very hard times finding such products. What are you going to use that product for. Give us a idea of the end users and how they are going to use this Your details right now are bit on the less side. For what I make out of your post are your looking for RSA secureID ? It is 2 factor auth and is pretty well supported on windows envs.. Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) smime.p7s Description: S/MIME cryptographic signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] password vaults-
David Royer wrote: Sorry for the very noob question, but I'm having very hard times finding such products. I have the pleasure and the incredible chance to support generic (shared admin) passwords. I'm looking for a commercial product to manage the distribution and protection of these passwords. Must be RSA compatible and Active Directory (LDAP, to retrieve info and allow access). Also must be able to support web (https) for users to log in and get the passwords they are allowed to see. Best regards! OK. In spite of the fact that this has got to be a troll, I'll bite . . . Run from that as fast and as far as you can. Under /*any*/ circumstance, shared passwords are a major no-no. You're setting yourself up for misery . . . And allowing users "to log in and get the passwords they are allowed to see"? Think about that for a while and see if you can identify some potential risks there . . . /g ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
