There are two requirements:
1) Create a place for IT to store all of the passwords issued, and determine which users have access
2) Find a way to distribute passwords to users and make them available when they forget them
These passwords are not for internal NT accounts, but for the administration of the servers and services for our web-hosted application.
The biggest problem is that most of these logins are shared among different sets of users. There are admin logins for services like JRun, Weblogic, databases, our integration engine, etc. There are logins to third-party web-based tools for monitoring and such. Also logins for remote share access, VNC, Timbuktu, etc.
The web page I plan to build would be hosted on the company intranet, using SSL with Apache. Access to the intranet is password protected per user. My main concern with this are users that leave their machines unlocked while unattended. I have a way to minimize the risk of shoulder surfing.
I'm relatively new to the IT side of things (coming from the web side), so I figured I had better post here and see if anyone can point out any gotchas I need to look out for. Or if someone has a better solution to the same problem. Or flat out say my idea sucks. :)
I hope that's a bit clearer. Thanks for your help,
A Monk
In reply to Re: Re: Managing Passwords (OT)
by Anonymous Monk
in thread Managing Passwords (OT)
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |