[mdlug] Password management application
Michael ORourke
mrorourke at earthlink.net
Wed Feb 18 14:04:43 EST 2015
-----Original Message-----
>From: Aaron Kulkis <akulkis00 at gmail.com>
>Sent: Feb 17, 2015 4:12 PM
>To: MDLUG's Main discussion list <mdlug at mdlug.org>
>Subject: Re: [mdlug] Password management application
>
>Mathew May wrote:
>> Hey gang, I have a question for you. I have been tasked with looking into a password manager application that can be installed in a central location, that allows multiple user accounts to be configured, and then these user can display account/password information that is approved for their level of access.
>>
>> Example: We want to store database user names and passwords in a central local, and we want people to be able to login and see this information, but only what they have the appropriate access for. We want the developers to only see credentials for the dev environment, not able to see production values.
>>
>
>The very idea, in and of itself, is a MAJOR security violation.
>
>Whoever is demanding such things is incompetent.
>
>Good luck with the politics of this.
>
Okay, I am curious, why is this a MAJOR security violation?
It doesn't sound like he wants to store all the passwords in a text file on a public share.
-Mike
More information about the mdlug
mailing list