Random Password Manager
Centralized scalable password management
security and recovery
Joe Vachon
Sales Engineer
The Problem:
Common Account Credentials
• Most organizations deploy servers and workstations with
identical local account credentials
• If even one local password is cracked an unauthorized
user can gain peer-level access throughout the network
• Compromises IT assets, disrupts business continuity,
causes non-compliance with security best practices and
regulatory standards
“One of the neglected security holes in a Windows network is
the local administrator password for your users’ desktop
machines. Many organizations synchronize these, so that the
same password can be used for each.”
Dave Kearns
Editor, Network World
The Solution:
Unique Account Credentials
• Regularly deploying unique account credentials
on each machine prevents one compromised
system from threatening the entire network
• Manually randomizing passwords on every
system is impractical
• Scripting limitations – no logging, no
documentation, difficult to update, maintain,
support
Random Password Manager
• Periodically randomizes local administrator and root
account passwords throughout the enterprise, including
firecall accounts
• Centrally managed, randomization conducted according
to schedules established by IT
• Multi-threaded, SQL server-based application that
deploys without installing agents to client systems or
requiring additional hardware
• Supports Windows NT, 2000, XP, Server
2003, Vista, Server 2008, and Linux,
UNIX , SQL Server, Cisco IOS devices
• Certified for Microsoft Windows Vista
Requirements
• Windows 2000, XP, Server 2003, Vista, Server 2008
• Administrative rights over host machine and target
machines
• NetBIOS over TCP/IP (ports 137-139 or 445) for
Windows management
• Port 22-SSH for Linux\Unix management
• Port 135-Automated installation of password recovery
website
• SQL 2000\SQL Express\MSDE
• IIS 5.0 or later\Personal Web Server
• Active Server Pages enabled
• COM identity-domain account with admin rights on web
server and access to the SQL database
• SSL certificate recommended
Demonstration
Win32 Application
Win32 Review
• Create groups of machines
• Populate groups with machines
• Select machines you wish to include in a
password change job
• Schedule password change job
• Delegate remote secure recovery of passwords
in your machine groups to user entities
Password Creation/Encryption
• Passwords can be controlled for length,
complexity, special characters
• Passwords stored in SQL relational database,
can be clustered and replicated
• Data secured using AES-256 bit encryption
Demonstration
Web Application
Password Recovery
• Local passwords recovered on demand by delegated
users for routine systems management tasks
• Controls who can recover passwords and how long they
remain active (2 hours by default)
• Passwords automatically randomized after temporary
period expires
• Periodic password verification checks that random
passwords still work on each machine
“The product randomizes passwords for each machine and allows non-privileged
users to gain temporary access through a web portal for essential jobs.”
Ericka Chickowski
Editor, SC Magazine
Password Vault
• Proliferation of passwords leads to frequently lost or
forgotten passwords
• Insecure or inadequate solutions – writing passwords
down, automatically logging in all users, Single Sign-On
• Password Vault allows users to securely store all
passwords in AES encrypted database
• Delegated users can retrieve own passwords through
secure web interface
“The Password Vault module enables administrative users who
forget their credentials and cannot access a system or
application to quickly retrieve their own passwords through the
Web interface…”
Dave Kearns
Editor, Network World
Logging
• All password randomizations, verifications, and
recoveries, as well as program logons, are logged into
relational database
• Information can be sorted and extracted to CSV files
• Logs can be provided to security auditors to prove
compliance with Sarbanes-Oxley, HIPAA, PCI, and other
regulatory standards
…government regulations such as SOX, HIPAA, and PCI with
their requirements for companies to keep tabs on who does
what on their systems, are prompting more interest in Random
Password Manager from companies in every industry.”
Renee Munshi
Senior Editor, Windows IT Pro
Licensing & Availability
• Licensed by managed system
• Academic, GSA, non-profit, and volume
discounts available
• No separate server/workstation pricing
• Available now
• Free, fully functional evaluation for download
now from http://www.liebsoft.com
Conclusion
Questions?
Joe Vachon
Sales Engineer
joe@liebsoft.com
800-829-6263