|
How secure do you want/need these to be? Given the recent interest in PGP on the list you could always have the system generate the password and encrypt it using several people's public keys and sign that using the "system's" key. Then the password file could be stored anywhere since access to the file wouldn't buy you anything, and it could be decrypted by anyone with the correct key. If you wanted to get really sick, you could start using keysplitting where you encrypt to a common keypair, but the private part is "split" among x number of people, and you can tell PGP that you must have y number of people to decrypt. That is, you split the key into, say, 6 parts, and it takes any 2 people to get the key back -- but that's really sick. Then again, no one can use the key without at least one other person knowing. As for expiring the password, since the system is generating it and encrypting it, just have the system stick a new version of the encrypted file somewhere whenever it generates a new password. -Walden ------------ Walden H Leverich III President & CEO Tech Software (516) 627-3800 x11 WaldenL@xxxxxxxxxxxxxxx http://www.TechSoftInc.com Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems profound.)
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
