Solved

How do you distribute a new passwords?

Posted on 2013-01-28
9
425 Views
Last Modified: 2013-01-30
Not a very technical question.

Say you need to change the admin account's password, or a password to a critical app.
Two questions:
-how do you notify that you are going to change the pwd,
-and after you finish changing the password, how do you distribute the new password?

Please share your experiences, and advice.
Thanks!
0
Comment
Question by:Tiras25
9 Comments
 
LVL 1

Expert Comment

by:thpipfh
Comment Utility
If you are changing any password: You said a mail like the admin accounts password is changing on so and so date and the password is like company name and your date of joining.
0
 
LVL 17

Author Comment

by:Tiras25
Comment Utility
No idea what you talking about.
0
 
LVL 17

Expert Comment

by:pergr
Comment Utility
Each admin should have their own credentials (username/password).

Then you may want to force each admin to change his/her password - but they should do it themselves, so that the password does not need to be distributed.
0
 
LVL 17

Author Comment

by:Tiras25
Comment Utility
How about the app passwords?  Not ad authenticated.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 17

Accepted Solution

by:
Garry-G earned 125 total points
Comment Utility
I would reckon this depends greatly on your organization - how many people are affected, where are they, do secured means of communication exist (in case of distributed locations where affected users are), ... when our company changes relevant passwords, we can tell everybody ...

As for information of a change of passwords, I would assume you already have some sort of mailing list or company-wide information/news tool. If not, check out some of the open source tools around ... we've started using OpenEMM to distribute maintenance information, using different fields to add the possibility of addressing certain people for a limited scope maintenance.

As for distributing the new password - for an organization with spread out personnel, of course some means of encrypted communication (e.g. PGP/GPG) would be ideal. Another possibility would be direct information of one relevant person per site (e.g. via phone), then have them redistribute the information to the relevant people at that site. Last thing that comes to mind - sealed envelope with the information, possibly by registered mail with personal delivery only.
0
 
LVL 52

Assisted Solution

by:Manpreet SIngh Khatra
Manpreet SIngh Khatra earned 125 total points
Comment Utility
Firstly we have password that are difficult for anyone to anticipate something like $!US*2013#$ ...... no distribution using email or whatever just some method that others shouldnt be able to track .... like i have in my phone Notes\Drafts

- Rancy
0
 
LVL 17

Assisted Solution

by:pergr
pergr earned 125 total points
Comment Utility
One option is to send passwords via SMS, but make sure you do not send the username too.

Anyway, that password should preferably have a short expiry, and the user should be forced to change it in the App.
0
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 125 total points
Comment Utility
We use the password safe "keepass" a free opensource solution.

When I change a password, I inform all administrators by mail and point them to the password safe on a network share. Of cause this can also be dropbox.

The password of the safe would be distributed personally.

www.keepass.info
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
It’s an age old story, whether you’re looking for full-time employment or contract work. In order to land a job, you must have experience.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now