Storing my Network Credentials.

  • Thread starter Thread starter Stephen O'Sullivan
  • Start date Start date
S

Stephen O'Sullivan

G/Day Forum,

I'm a Security Administrator and have set up usernames and passwords on all
of my systems, routers, firewalls, etc.

Now I want to know where do I store them? Is a share on a file server
protected by NTFS enough? Any ideas?

Regards,
Steve.
 
There are a number of free applications that can be used to store passwords
that are password protected. Find one you like, put one hell of a password
on it, and then store it on and NTFS partition with file level permissions
to restrict access to the program. This is just about as close as you can
get to securing passwords.

Ozone
 
Storing passwords on the server does not separate them
from the devices as much as it should. If you have a
failure and you and/or another designated person needs to
get at the passwords it is wise to have them in a fire
proof safe with access to safe limited to those who should
have access to the passwords.
 
Hi Steve,

A share on NTFS volume (or any other volume is usually not enough. You know,
if somebody steals your disk (or has physical access to your disk), then
that person can see the data on it. The same holds true if someone gets hold
of backup tape. If you want to store this information securely, you shoul
choose some sort of encryption. NTFS does provide EFS (Encrypting File
System) on Windows 2000 and newer. However, if you want to use it, you
should learn how it works to avoid loosing your information or allowing
unauthorized people to see this information. You may also purchase a device
that is specifically designed to keep and generate complex passwords. It
looks usually like USB keychain disk an costs up to 50 USD. You may try
Google to find more info.

HTH
Dusko savatovic
 
Stephen said:
G/Day Forum,

I'm a Security Administrator and have set up usernames and passwords on all
of my systems, routers, firewalls, etc.

Now I want to know where do I store them? Is a share on a file server
protected by NTFS enough? Any ideas?
Click to expand...

How about in a document protected by a strong encryption system thats
"out of the bounds" of the network you are trying to protect, such as
PGP. http://www.pgpi.org/

Of course, you'll still have to generate a "strong" password for that
protected document.

Once encrypted, I'd consider storing this document somewhere than on
your network, if you are really worried. (e.g. a portable USB drive...
you can carry one with you, and put another sealed in an envelope in a
safe, if you have access to one.)
 
Back
Top