We've lost the password battle

October 9, 2008

It's been an article of faith, frequently professed to users, that they should never write down their password or otherwise record it. Your users probably profess to follow this, and may even honestly believe that they are.

But find a user with a machine that recently rebooted (this often doesn't take long) and watch what happens next, as the user re-establishes their environment and restarts their applications. Did they get asked for a password when their IMAP-based mail program started, or is it happily fetching mail? How about their CIFS-based shares, did they get asked for that password when they started talking to your Samba server?

Probably not.

Do you use separate user passwords for each of those services?

Almost certainly not. (At least around here, the users would likely lynch us for trying that. And it wouldn't really matter if we used a separate password for these services than for people's Unix login; the net effect would be to make even fewer people log in to our Unix servers, with no decrease in an attacker's ability to do damage.)

If you are lucky, your users have some sort of master password that unlocks their machine. If you are really lucky, all of their applications are using a single secure password store, instead of putting together various ad-hoc solutions to the problem (or just storing passwords in barely encrypted form and ignoring the issue).

(By the way, try not to think too much about the effects of having your webmail system. You'll sleep better.)

Written on 09 October 2008.
« How we set up our Solaris ZFS-based NFS fileservers
Some notes about iSCSI multipathing in Solaris »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Thu Oct 9 01:06:21 2008
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.