Folks,
I have a security-related question for all of you. Please share your comments with me.
I have a situation where I was asked to automate the password in my application, which expires every 6 months. In this case I need to generate a random password, set the password on some database/system (encrypted), and use this password in my application. In doing so, the owner of the account will not know the password either.
My argument is that, in the first place, we should not automate the password to change automatically upon expiry. Secondly, when the password is changed automatically, the password change is not accountable, and at later stages we would not know who changed the password last time. When I think of the password change, I strongly believe that the account owner should be responsible for keeping the passwords in a secret/encrypted form.
Please kindly share your thoughts if you have encountered such a situation before, and what the best way to deal with this situation is.
Hope to hear from your expertise.
Cheers

Sudharma.