Protecting your password

I supervise some users in a mission critical project. These users login to effect monetary transaction on their systems. their passwords need to be seriously concealed. But in Practice I find out that it is impossible for them to conceal their passwords from support technician because they log in often their presence. so what is the way forwad

Hi Sose
Had a similar problem. Found a two way solution:

1) Asking the support technician politely to look away when the user types in the password, and seriously, no miming or whispering the password why they type it (I have reports that some of these support technician are lip readers and have an acute sense of hearing!!!)

2) Getting the users to change their password immediately after they have divulged it to any support technician.

It's all about educating the users to be careful.

arani you are making sense, but in this case the tech has to tell the user to login about 15 times on the spot where trying to troubleshoot some issues

Well in that case, the practice still stands. First of all the users have to remember their passwords. That is critical. And when they need IT assistance, they will have to put it in with the support guy looking away. Or if you want ease of use, then go to rule '2', get the user to change the password straightaway.

In our place (as IT support), we always look away without being asked. I think the head of the IT better tell that to his IT guys. As some users might feel it awkward to say it.

In our place (as IT support), we always look away without being asked. I think the head of the IT better tell that to his IT guys. As some users might feel it awkward to say it.

I agree totally, people working in IT should know the value of a secure password, and frankly, if i was the head of IT and had someone working for me that might want to steal passwords, they wouldnt be working for me much longer.

The emphasis for password security should certainly be on IT rather than the users.