lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 6 Dec 2011 22:28:17 -0800
From: Gage Bystrom <themadichib0d@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: distributing passwords to users

I'm disturbed in the first place that you want to distribute password
lists to multiple users.
I'm disturbed more so that there is no apparent cognitive dissonance
preventing you from functioning enough to have sent that email.

Someone please tell me that I'm not the only one disturbed here? And
if I am, point to me why please?

On Mon, Dec 5, 2011 at 7:30 PM, G V <gvasiliu@...il.com> wrote:
> Hi,
>
> From your experience, what's the best secure and easy way to update a
> password list and distribute it to 1000 or so unix users? The users
> would have different privilege levels and different access on network.
> Throwing ideas, I can think of: pgp (difficult to maintain a separate
> file for each user), web app (would need to be sucured over ssl,
> possible password protected), usb disks (difficult to manage changes).
> Anyone using an enterprise level app (commercial or not) to "share"
> passwords to users, manage changes and so on? Any other ideas I can
> use?
>
> Thank you,
> George Vasiliu
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ