Lotus Notes - users password is in clear text. Can I hide?

IWe have been having security issues with mail breaches internally. I was astounded to see that Domino admins can access a users Lotus password - in clear text.
Can this be hidden?
Version is R5

I come from an exchange background. I saw an admin retrieve a pasword, but failed to note how. If someone coudl indicate where it sits, I wish to demonstrate my concerns to MD.

Is this a flaw or simply an oversight of Lotus
Danno2013Asked:
Who is Participating?
 
Sjef BosmanGroupware ConsultantCommented:
AFAIK, no password can (or has) ever be retrieved from Notes or Domino by itself. Therefore, the breach must lie with the admins. I suppose they keep some file or database with the passwords, or the password can be generated from the user's name. That is, the *initial* password, because it used to possible to use an older ID-file to gain access when you had the accompanying password. That's how Notes security is defined: you need a strong password to open the ID-file; the ID-file contains the user's private key that is used to get access to the server and sign or decrypt documents. If you make a copy of the ID-file and change its password, the original ID-file still has the original password. That's not a Notes flaw, that is a serious problem of the admins with the keys of the building. They should be utterly careful with those keys.
0
 
Bill-HansonCommented:
I'll confirm sjef's post.  He is 100% correct.  Your admins maintained a list of original passwords.

No points for me, please.
0
 
Sjef BosmanGroupware ConsultantCommented:
(Off-topic: Hi Bill, is there any way I can send you a mail? )
0
 
Bill-HansonCommented:
Sure.  How can I get my address to you without posting it directly on this site?
0
 
Sjef BosmanGroupware ConsultantCommented:
My mail address is in my EE-profile, somewhere in the middle. Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.