Yashy asked:

Would you store domain administrator password in a place like 'LastPass' vault?

Hi guys

I am setting up an Excel password sheet that is protected, with information regarding our domain passwords and switches etc. With the issue of ransomware etc. becoming a grander problem by the day, I am now being asked to not only create these protected password sheets on the network, but also in the cloud with providers like 'LastPass'.

Would you or have you done this and feel safe to put your passwords in a vault in the cloud?

Thanks for helping
Yashy
Shaun Vermaak

Sure, with some conditions.
Wherever you store passwords, omit a few characters and do not store the exact username or context with it.

Yashy (ASKER)

I understand the reasons, but then let's say tomorrow I leave and I have to pass information down to the new person, it's going to be so difficult to omit things when they are trying to access content unless I go through every one of them with them, right?

I wouldn't, with something that critical. I can pass on all that info on a USB key to the new admin. Yes, your admin account should be decommissioned, but there is nothing wrong with printed documents in a binder stored in a vault that is fire and water proof, with a backup USB key stored offsite, say a box in a bank.

Every serious company will have some fireproof safe. Keep a second copy of important passwords printed out in there, update it once a month or at whatever interval seems sensible. Uploading such info to the cloud is not recommendable unless you think your own IT is terribly insecure or you don't have a safe.

I use a Yubico USB key with my LastPass.

Andy Dowling

If doing this, two-factor auth is a must.

Also, the weak point with a lot of these systems is the endpoint. There have been a number of vulnerabilities discovered with browser plugins for cloud-based password managers that could allow malicious sites to gain access to your credentials. If you're just using it as an offline backup of your passwords, you can improve your security by avoiding the use of their browser plugins.