Random Password Manager Solves Problems



Identifying the Pain

End Users

The problem for end users is the slew of applications that each have unique passwords. With so many passwords to remember, users often lock themselves out of the application or their domain altogether. Implementing a Single Sign-On solution is a complex endeavor that consumes server, workstation, and administrator resources. Additionally, the concept of having users automatically logged into any and all applications, or having users write their passwords on sticky-notes, is an idea that leaves many administrators and auditors feeling sick. End users need a secure, easy-to-access place to store their credentials for all of the applications that they must use.

Random Password Manager allows users to store their passwords in an AES encrypted database, and then recover the passwords themselves when necessary.


Information Technology (IT)

Having all systems in your network share one common password because they were deployed via scripts, by hand, or by some other program, will lead to only one thing: compromise of your entire network. Despite being part of a domain, Windows workstations still function as a giant workgroup. This means a compromise of one system, where the local administrator username and password can be obtained, also means that every other computer in your network with that same name and password are also now compromised.

The next issue is that of governance. With thousands of systems under your control, how do you change the passwords of your local administrator accounts and root accounts on every system in a timely fashion to maintain compliancy and provide proof of change?

The answer to both of these problems is Random Password Manager. Random Password Manager randomizes the passwords of built-in Windows administrator accounts, Linux/Unix accounts, and SQL accounts such that all passwords for these accounts are unique. This means that a compromise of one system is not an automatic compromise of all systems. Because Random Password Manager will randomize your passwords on a regular basis, you are also sure to meet your governance requirements defined by Sarbanes-Oxley, HIPAA, PCI, and other regulatory standards which mandate regular changing of all account passwords.

Random Password Manager will log and audit any and all actions taken by the tool, providing proof and a record of all systems managed and passwords changed. Furthermore, Random Password Manager is automated. All password change jobs can be scheduled, meaning that you do not need to manage the tool once you configure your password change jobs. Finally, if you ever do need to recover a password, you may do so via a fully delegated and audited web interface which will also re-randomize the password after a limited time, thus ensuring that no one knows your systems' passwords unless they absolutely require temporary access.