rmalayter at bai.org
Wed Apr 7 17:51:54 CEST 2004
> Having worked as a system admin for a large newspaper
> company, if a critical
> employee is walked out the door (or leaves) all passwords
> known to them (or
> even presumed to be known by them) are immediately changed.
> Therefore, any
> database of passwords they may have copied at home (even if
> encrypted) are
> immediately invalid.
> The new list is distributed as needed. If the super user
> password changes,
> a copy is placed in the VP's office safe.
We use a "secret sharing" scheme where N VP level personnel are given a
share of a secret, and N-M of them are required to get together to
reconstruct our root passwords. That way, if all IT personnel are "hit
by the same bus", management can still
Do a Google search for "secret splitting" and "secret sharing", and
you'll see plenty of (provably secure) ways to do this. We use a simple
geometric method and excel spreadsheets, distributed on business-card
style CDs to the executives. But there are plenty of other ways to do it
and software tools to get you there.
More information about the Gnupg-users