Databases
StackOverflow2013
Postsdbo
POCompany-wide password scheme for different customers
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POCompany-wide password scheme for different customers
    text
    copied!<p>Consider a company that delivers a network of computers as part of its deliveries. And it does this for hundreds of different customers. All of the PCs need to have secure passwords. This at least means:</p> <ul> <li>The password should conform to the basic password rules (capitalization, numbers, special characters, etc.)</li> <li>The same password shouldn't be used for different customers.</li> <li>The password shouldn't be easily guessable.</li> <li>If possible, the same password shouldn't be used for different PCs in the network (but it may be acceptable to do so).</li> <li>Since there is also a need to maintain these systems as part of the delivery, the operators need to be able to retrieve a password for a specific system easily without causing any security problems (like forwarding passwords in emails, etc.).</li> </ul> <p>Here are my questions regarding such a setup:</p> <ol> <li>Is it advisable to create a password scheme such that the operators can "calculate" the password without having to look up? [Problem is, once the scheme is disclosed, all systems will have a security problem.]</li> <li>How should the passwords be stored/retrieved for good security? [Is there a program that can be used to access a secure database with a web interface?]</li> </ol> <p>I found <a href="http://sourceforge.net/projects/webkeepass/" rel="nofollow">WebKeePass</a> during my investigation (which looks promising). One other <a href="http://ask.slashdot.org/story/12/05/12/0033242/ask-slashdot-open-source-multi-user-password-management" rel="nofollow">option</a> was to print the passwords and keep them in a locked filing cabinet in a disused lavatory in a basement with a sign on the door saying 'Beware of the Leopard'? but I believe that wouldn't be convenient for the operator. I wonder what are the other options would be...</p> <p><strong>Update:</strong> The "web" interface doesn't have to be open to public access (i.e., it can be accessible only within a VPN).</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload