Security of Network Passwords

[whatsys]

I know this can vary from company to company, but in general, what are standard practices concerning the handling the security of the passwords know only the System Administrator? Things like the built in Windows "administrator" account, switches and routers, network resources and shares, AV apps, ISPs, off site spam filtering services, Exchange, MX and C name records, domain registrar, website, off site backup services, purchasing from vendors, the company's wireless carriers, etc.

I realize that there should be a fail-safe in place so that in the scenario of the one person who knows them getting struck by a meteor and the interruptions of daily business that would cause, but how is this typically done?

Thank you. Thank you very much.

 

[Grenage]

We keep ours in a safe, just in case.

"We can categorically state that we have not released man-eating badgers into the area" - Major Mike Shearer

 

[North323]

same here, check it out:

http://www.schneier.com/passsafe.html

 

[gbaughma]

I usually have them in a sealed envelope in my personnel file in H.R.

Or in the safe deposit box with the offsite tape storage.



Just my 2¢

"What the captain doesn't realize is that we've secretly replaced his Dilithium Crystals with new Folger's Crystals."

--Greg

http://parallel.tzo.com

 

[ITPangaeaArchitect]

Just find a good password encryption software and install it on a machine that has whole disk encryption on it, and if possible, EFS running on top of it as well (if it wont cause corruption of the files), then restrict access to that system to only a few trusted individuals (if using windows, this can be done via group policy)

- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (

http://it-pangaea.com)