Skip to main content

Protecting your password

More
14 years 4 months ago #34935 by sose
I supervise some users in a mission critical project. These users login to effect monetary transaction on their systems. their passwords need to be seriously concealed. But in Practice I find out that it is impossible for them to conceal their passwords from support technician because they log in often their presence. so what is the way forwad
More
14 years 4 months ago #34936 by Arani
Replied by Arani on topic ...
Hi Sose
Had a similar problem. Found a two way solution:

1) Asking the support technician politely to look away when the user types in the password, and seriously, no miming or whispering the password why they type it (I have reports that some of these support technician are lip readers and have an acute sense of hearing!!!)

2) Getting the users to change their password immediately after they have divulged it to any support technician.

It's all about educating the users to be careful.

Picking pebbles on the shore of the networking ocean
More
14 years 4 months ago #34938 by sose
Replied by sose on topic Re: Protecting your password
arani you are making sense, but in this case the tech has to tell the user to login about 15 times on the spot where trying to troubleshoot some issues
More
14 years 4 months ago #34939 by Arani
Replied by Arani on topic ...
Well in that case, the practice still stands. First of all the users have to remember their passwords. That is critical. And when they need IT assistance, they will have to put it in with the support guy looking away. Or if you want ease of use, then go to rule '2', get the user to change the password straightaway.

Picking pebbles on the shore of the networking ocean
More
14 years 4 months ago #34943 by S0lo
Replied by S0lo on topic Re: Protecting your password
In our place (as IT support), we always look away without being asked. I think the head of the IT better tell that to his IT guys. As some users might feel it awkward to say it.

Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
14 years 4 months ago #34946 by JamieP
Replied by JamieP on topic Re: Protecting your password

In our place (as IT support), we always look away without being asked. I think the head of the IT better tell that to his IT guys. As some users might feel it awkward to say it.


I agree totally, people working in IT should know the value of a secure password, and frankly, if i was the head of IT and had someone working for me that might want to steal passwords, they wouldnt be working for me much longer.

The emphasis for password security should certainly be on IT rather than the users.

Jamie Parks
Network Engineer, UK
Time to create page: 0.133 seconds