Implementation questions

Ryan Malayter rmalayter at
Wed Apr 7 17:51:54 CEST 2004

[Steve Butler]

> Having worked as a system admin for a large newspaper 
> company, if a critical
> employee is walked out the door (or leaves) all passwords 
> known to them (or
> even presumed to be known by them) are immediately changed.  
> Therefore, any
> database of passwords they may have copied at home (even if 
> encrypted) are
> immediately invalid.
> The new list is distributed as needed.  If the super user 
> password changes,
> a copy is placed in the VP's office safe.  

We use a "secret sharing" scheme where N VP level personnel are given a
share of a secret, and N-M of them are required to get together to
reconstruct our root passwords. That way, if all IT personnel are "hit
by the same bus", management can still 

Do a Google search for "secret splitting" and "secret sharing", and
you'll see plenty of (provably secure) ways to do this. We use a simple
geometric method and excel spreadsheets, distributed on business-card
style CDs to the executives. But there are plenty of other ways to do it
and software tools to get you there.

More information about the Gnupg-users mailing list