Any strategies for dealing with users sharing passwords?

2»

Comments

  • MishraMishra Member Posts: 2,468 ■■■■□□□□□□
    http://www.digitalpersona.com/

    They can log into the domain.

    EDIT: I think you have to have the server software

    DigitalPersona Pro Server

    "Pricing starts at $99 for Pro Workstation Reader package and $1,499 for Pro Server. This product has typical prices with the server software just shy of $1,500 and client packages at $99 per station. Although it may seem costly for larger deployments, this product provides a lot of flexibility and many ways of extending secure fingerprint-based authentication.
    "

    If they are a stupid company they might want something goofy and fun. ;)
    My blog http://www.calegp.com

    You may learn something!
    · Share on FacebookShare on Twitter
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Wow. I definitely like the methods which would make them miserable. The password reset upon sharing was particularly noteworthy. With the obvious downside of additional software, the fingerprint idea was good too. Smart cards would be worthless because there'd just be a communal "smart card bin" up by the receptionist.

    I really need to get Exchange in here. 99% of the time it's for email since pretty much all the files are stored on the network. If I can delegate access through Exchange, that would probably take care of most, if not all of it. As much as I'd like to make everyone suffer, I think that simply making things more convenient would be the best course of action. I guess 70-236 is May's project.
    · Share on FacebookShare on Twitter
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    Even if they don't use sharepoint, those who need access to other people's mailbox can be accomplished with delegation. You need Exchange.

    Simple as that.
    Good luck to all!
    · Share on FacebookShare on Twitter
  • seuss_ssuesseuss_ssues Member Posts: 629
    Slowhand wrote:
    Strategies for preventing password-sharing between users? Have you thought using a rolled-up newspaper, or maybe shock-collars. . .

    I actually prefer the caddle prod. But everyone has their favorite tool.
    · Share on FacebookShare on Twitter
  • SlowhandSlowhand Mod Posts: 5,161 Mod
    Seriously? Users need to get burned before they change their ways. Begin by doing some education, making sure everyone knows about the issues that arise with sharing passwords and other lapses in security.

    After that, get the management's approval to stage a "theft", where one user's data goes missing and the 'evidence' points to another user that has access to the password of the first. If they don't have heart attacks before the day is up, have the managers announce that it was all staged, move the data back where it needs to be, and you can be sure there'll be at least 90% compliance with any security measures you decide to impliment.

    Once the users get to see how ugly and painful it can get when a lack of security comes back to bite you in the ass, they'll be much more receptive to changing their habits.
    Twitter | LinkIn
    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
    · Share on FacebookShare on Twitter
  • empc4000xlempc4000xl Member Posts: 322
    dynamik wrote:
    As much as I'd like to make everyone suffer, I think that simply making things more convenient would be the best course of action. I guess 70-236 is May's project.


    Now you are thinking real IT. Instead of going crazy about firing people who break the rules like some mentioned, or other crazy fixes(some were good, some were comical). Give them what they need to do there jobs, thats what we are there for customer service. So I would put a plan together on why you need it, the security risk of not doing so, how much productivity would soar if we had it.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.