Storing my Network Credentials.

Storing my Network Credentials.: Posted by Stephen O'Sullivan on January 7th, 2004; G/Day Forum,

I'm a Security Administrator and have set up usernames and passwords on all
of my systems, routers, firewalls, etc.

Now I want to know where do I store them? Is a share on a file server
protected by NTFS enough? Any ideas?

Regards,
Steve.; Posted by Ozone on January 7th, 2004; There are a number of free applications that can be used to store passwords
that are password protected. Find one you like, put one hell of a password
on it, and then store it on and NTFS partition with file level permissions
to restrict access to the program. This is just about as close as you can
get to securing passwords.

Ozone
"Stephen O'Sullivan" <steve@nospam_noway_dontyoudare.net> wrote in message
news:exlNCpP1DHA.1356@TK2MSFTNGP10.phx.gbl...; Posted by Dusko Savatovic on January 7th, 2004; Hi Steve,

A share on NTFS volume (or any other volume is usually not enough. You know,
if somebody steals your disk (or has physical access to your disk), then
that person can see the data on it. The same holds true if someone gets hold
of backup tape. If you want to store this information securely, you shoul
choose some sort of encryption. NTFS does provide EFS (Encrypting File
System) on Windows 2000 and newer. However, if you want to use it, you
should learn how it works to avoid loosing your information or allowing
unauthorized people to see this information. You may also purchase a device
that is specifically designed to keep and generate complex passwords. It
looks usually like USB keychain disk an costs up to 50 USD. You may try
Google to find more info.

HTH
Dusko savatovic

"Stephen O'Sullivan" <steve@nospam_noway_dontyoudare.net> wrote in message
news:exlNCpP1DHA.1356@TK2MSFTNGP10.phx.gbl...; Posted by Robert Moir on January 8th, 2004; Stephen O'Sullivan wrote:

How about in a document protected by a strong encryption system thats
"out of the bounds" of the network you are trying to protect, such as
PGP. http://www.pgpi.org/

Of course, you'll still have to generate a "strong" password for that
protected document.

Once encrypted, I'd consider storing this document somewhere than on
your network, if you are really worried. (e.g. a portable USB drive...
you can carry one with you, and put another sealed in an envelope in a
safe, if you have access to one.)

--
Rob Moir
Microsoft MVP for servers & security
Website - http://www.robertmoir.co.uk
Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html

Similar Posts

Windows XP computers on wireless network lose login credentials (Networking) by MartinWill2
How to trigger (re-)entry of credentials when accessing another computer in the local network? (Networking) by Michael Moser
How to trigger (re-)entry of credentials when accessing another computer in the local network? (Networking) by Michael Moser
Cannot Map a Network Drive Under Different User Credentials (Microsoft Windows) by JulianD
Removing cached network credentials after network share (\\servername) is used (Security & Administration) by chuwy