Educause Security Discussion
mailing list archives
Re: Password Vaulting
From: Joseph Corey <jcorey () CMU EDU>
Date: Mon, 6 Oct 2008 17:13:16 -0400
We've been using Enterprise Random Password Manager by Lieberman
Software for about eight months now and it has served our needs
wonderfully. They've made great strides with their most recent release.
It supports the storage and automatic randomization of Windows, Mac,
*nix, Cisco equipment, and many more passwords. They now support the
storage of the private key on an HSM module and support integration with
There are a few downsides like needing local admin rights on the server
to administer the Win32 app, but all of the password requests,
approvals, and retrieval happen through the website. You only need the
Win32 app when adding new accounts/passwords.
If you have specific questions about the product or would like a contact
there, feel free to contact me off-list.
Joseph T. Corey MCSE, Security+
jcorey () cmu edu
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jerry Sell
Sent: Monday, October 06, 2008 4:53 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Password Vaulting
We are trying to get electronic vaulting of root and root equivalent
passwords in place. We are receiving kickback from upper management,
because they are not comfortable with the technology.
If you are currently using electronic password vaulting we would
appreciate a response. We would like to know what product you are using,
is it successful, any horror stories, would you recommend it to others.
Jerry Sell, CISSP
Brigham Young University
Jerry_Sell () byu edu