|General Chat MCB's Coffee House: Pull up a seat, and grab your favorite caffeinated beverage. Non-paintball related chat within.|
| ||Thread Tools|
|08-29-2006, 02:52 PM||#1 (permalink)|
sold for fish tacos
Fingerprint ID systems?
I've been thinking of going with a fingerprint reader to maage my passwords for my laptop and work computers, as well as managing some things on the server here at work (since my boss hands out passwords like they were free candy)
Anyone work with these? Any particualr ones to stay away from? I've liked the idea of a usb flash with the print reader, but they just seem to encrypt the data on the drive itself, not do logons and passwords.
|08-29-2006, 03:53 PM||#2 (permalink)|
Shiny. Let's be bad guys
In short, they're shotty at best.
My boss and I looked into several of them, and every single one we researched came up short.
Here, we use an app called "Password Safe".
It's a freebie.
Fully DOD compliant.
We setup a few with a "trickle down" setup.
The "top" safe basically just holds domain admin, root, and passwords for the "sub safes". Only 2 people have the password to that safe.
Next level down would be one for Unix system passwords, one for windows SA's, etc. etc.
This serves two CRITICAL functions:
1) Keeps us SA's from commiting the mortal sin of writing down passwords
2) If a particular system/domain needs to have passwords changed in a hurry (because your boss distributed it like Pez) You can quickly check the appropriate password safe to get a list of affected systems/accounts.
Sorry, not really an answer to your question...but after checking into them, we just didnt find anything that gave us the warm-fuzzies.
(seriously security-over-cautions around here)
Strive for that moment when you're only a slice of pizza and a hooker away from paradise.
|08-29-2006, 04:58 PM||#3 (permalink)|
Join Date: Apr 2006
Location: Albany. NY
Some others I've seen in use at two separate companies now.. involved a little digital watch looking thing. The device either receives a signal or has the number programmed in.. but when you log in you use what ever code is displayed on the little watch like doo-hickey. the code changes something like every 30 seconds.
Would that work for you..I don't know.. but it is another security/password device that is out there.
|08-29-2006, 06:40 PM||#4 (permalink)|
sold for fish tacos
Im gonna look into Password Safe. Its just will it be safe in the hands of some at our place
Ive seen those constant changing password dongles, where they are updated by this or that algorithm and such. Its an idea, but the fingerprint device idea is born out of security and laziness
|08-29-2006, 06:49 PM||#5 (permalink)|
Join Date: Apr 2006
Location: Fresno, CA
I wish I could implement some form of security like this. I had to fight to convince people that putting their ID and password on a post-it on the monitor was unacceptable.
I tested a couple of the thumbprint USB keys many years ago. 2 of 3 we could buy off the shelf could be disabled by Ctrl+Alt+Del and killing the software. I'm sure they are better now, but I don't have the budget for R&D.
|08-29-2006, 07:31 PM||#6 (permalink)|
King of the OFG
I have a nice one from Targus that cost about $50.00 when I got it a year or so ago. It came packaged with a password vault called Omnipass, and it works pretty much flawlessly. We have never been able to fool it, and I have some pretty inventive hackers working in my group.
It's USB and about the size of a microcassette, so it's unobtrusive as well.
MicroMags 'R Us
|08-29-2006, 07:33 PM||#7 (permalink)|
Pizza Hut uses the fingerprint things for thier cash registers.
|08-29-2006, 10:58 PM||#10 (permalink)|
Retired from paintball
CPPA #1145 / PPIG #496 / LPPC #103 / POG #1047 / Team Rogue Cell #7
PJ's Gallery on MCB
Feedback on MCB
Last edited by PJ; 08-29-2006 at 11:23 PM. Reason: Just can't spell tonight