<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<div class="moz-forward-container">
<div class="moz-forward-container"> On 5/17/2019 4:32 PM, Ángel
wrote:<br>
<blockquote type="cite">On 2019-05-16 at 19:00 -0700, Allen
Schaaf wrote:<br>
<blockquote type="cite">The goal for the credit union is to
encrypt login information<br>
used by the staff.<br>
</blockquote>
No, no, no. Don't do that.<br>
<br>
The login credentials of your users shall only be known by
them. Full<br>
stop.<br>
<br>
Letting other people know the password of the users makes
auditing<br>
unnecessarily hard.<br>
<br>
Suppose you had a rogue employee, and you find out. You are
suing him<br>
for the amount of money he stole, while he sues you for
improper<br>
dismissal, claiming it is all made up since the business needed a
scapegoat<br>
in order to please the shareholders...<br>
The company shows evidence that someone logged in with his
account<br>
performed a number of fraudulent transactions.<br>
Who could log in to that account? The employee... and his
bosses.<br>
<br>
<br>
The problem you really want to solve is «The manager/CEO and
assistant<br>
manager need to enable access to each account if needed»<br>
<br>
How is every other company solving this very same problem?<br>
You have a central authentication server (usually a Microsoft
Active<br>
Directory). Every time there is a need to log in to a host,
it<br>
verifies the credentials. This allows it to verify that
passwords follow<br>
the given policy about renewal, lock out brute-forcing
attempts,<br>
centrally log accesses, disable access for a user in just one
place when<br>
he leaves...<br>
<br>
Now, let's suppose that Fred is away on vacation while there's
a<br>
pressing need to get a copy of the draft of a new policy
stored on his<br>
Desktop (while he was developing it), due to a new regulation
requiring<br>
you to implement it by the end of the week.<br>
<br>
An administrator would then reset the password of this user to
a new<br>
one, allowing you to log in to his account, *with no knowledge
of the<br>
password he was using*. At the same time, this action would
create the<br>
proper audit trail showing who performed the password reset on
the<br>
account.<br>
<br>
<br>
It's safer and much simpler.<br>
<br>
Additionally, it's generally recommended that each user have
only a<br>
single login, rather than six or seven (!), which simplifies
user<br>
management.<br>
<br>
<br>
Best regards<br>
<br>
<br>
<br>
_______________________________________________<br>
The cryptography mailing list<br>
<a class="moz-txt-link-abbreviated"
href="mailto:cryptography@metzdowd.com"
moz-do-not-send="true">cryptography@metzdowd.com</a><br>
<a class="moz-txt-link-freetext"
href="http://www.metzdowd.com/mailman/listinfo/cryptography"
moz-do-not-send="true">http://www.metzdowd.com/mailman/listinfo/cryptography</a><br>
</blockquote>
(Sorry folks, I forgot to include the mailing list when
replying.)<br>
<br>
-------- Forwarded Message --------
<table class="moz-email-headers-table" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Subject:
</th>
<td>Re: [Cryptography] A two key file/program</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date:
</th>
<td>Sat, 8 Jun 2019 18:26:14 -0700</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">From:
</th>
<td>Allen Schaaf <a class="moz-txt-link-rfc2396E"
href="mailto:netsecurity@sound-by-design.com"><netsecurity@sound-by-design.com></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">To: </th>
<td>Ángel <a class="moz-txt-link-rfc2396E"
href="mailto:angel@crypto.16bits.net"><angel@crypto.16bits.net></a></td>
</tr>
</tbody>
</table>
<br>
<br>
Hi Ángel,<br>
<br>
If we do not have access to a potentially rogue employee's
access to the various systems used by the credit union, there
would be no way to find out what crookedness they might have
committed.<br>
<br>
An employee is required to take a minimum of one week of vacation
per year, in the USA, to help with the auditing process. If we can't
access their computer and the various normal files and external
systems used, then we can't do an in-depth audit.<br>
<br>
The audit functionality is particularly important for upper
level management as that is where most crookedness happens.<br>
<br>
As to the number of login credentials, we can't limit the number,
as each of the services we contract for requires passwords and,
as far as I can tell, at least two require specially formatted
passwords for access to remote systems, whose structure they
dictate and which, to prevent potential hacking, we cannot
"administratively" replace. But in order to properly audit their
actions we need to see the data in these external file systems.<br>
<br>
The primary reason for using a two password storage file is to
help prevent one person from accessing another person's files so
they can do the crookedness as though they were the other
person.<br>
<br>
In general your approach would be fine if all the systems were
within our computer systems.<br>
<br>
Thanks,<br>
<br>
Allen<br>
</div>
</div>
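The central-authentication approach Ángel describes (passwords known only to the user; an administrator reset that replaces the credential without revealing the old one and leaves its own audit record) is sketched below as an added example. It is not code from the thread or from any product; it is a minimal stand-in for an Active Directory style server, with constructed account names, a constructed audit log, and an assumed PBKDF2 iteration count, so it runs offline.

```python
"""Added example (not from the mailing-list thread): a minimal central
credential store of the kind described above.  Passwords are stored only as
salted PBKDF2 hashes, so no administrator can learn a user's password; an
administrator "reset" replaces the hash with one derived from a fresh random
temporary password and records who did it, so an auditor can later tell
whether a session on an account was preceded by a reset.  All names, events
and the iteration count are constructed/assumed for illustration."""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timezone

PBKDF2_ROUNDS = 200_000  # assumption: tune to your hardware


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


@dataclass
class Account:
    salt: bytes
    digest: bytes
    must_change: bool = False  # set after a reset; enforce at next login


@dataclass
class AuthServer:
    accounts: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def _log(self, event: str, actor: str, target: str) -> None:
        self.audit.append({"time": datetime.now(timezone.utc).isoformat(),
                           "event": event, "actor": actor, "target": target})

    def enroll(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self.accounts[user] = Account(salt, _derive(password, salt))
        self._log("enroll", user, user)

    def login(self, user: str, password: str) -> bool:
        acct = self.accounts.get(user)
        ok = acct is not None and hmac.compare_digest(
            acct.digest, _derive(password, acct.salt))
        self._log("login_ok" if ok else "login_fail", user, user)
        return ok

    def admin_reset(self, admin: str, user: str) -> str:
        """Replace the user's credential with a random temporary one.  The
        previous password is never recovered, and the reset is logged under
        the administrator's own name, not the user's."""
        temp = secrets.token_urlsafe(12)
        salt = os.urandom(16)
        self.accounts[user] = Account(salt, _derive(temp, salt), must_change=True)
        self._log("password_reset", admin, user)
        return temp

    def sessions_preceded_by_reset(self, user: str) -> list:
        """Audit view: for each successful login of `user`, who (if anyone)
        reset the password since the previous successful login.  This is the
        record that separates 'the employee logged in' from 'a manager reset
        the password and logged in as the employee'."""
        result, last_reset_by = [], None
        for ev in self.audit:
            if ev["target"] != user:
                continue
            if ev["event"] == "password_reset":
                last_reset_by = ev["actor"]
            elif ev["event"] == "login_ok":
                result.append((ev["time"], last_reset_by))
                last_reset_by = None
        return result


def demo() -> dict:
    """Constructed scenario: Fred enrolls and logs in; while he is away,
    alice.admin resets his password to reach a file on his desktop."""
    srv = AuthServer()
    srv.enroll("fred", "correct horse battery staple")
    fred_ok = srv.login("fred", "correct horse battery staple")
    temp = srv.admin_reset("alice.admin", "fred")
    old_pw_after_reset = srv.login("fred", "correct horse battery staple")
    admin_session_ok = srv.login("fred", temp)
    return {
        "fred_ok": fred_ok,
        "old_pw_after_reset": old_pw_after_reset,
        "admin_session_ok": admin_session_ok,
        "reset_by": [who for _, who in srv.sessions_preceded_by_reset("fred")],
        "must_change": srv.accounts["fred"].must_change,
    }


if __name__ == "__main__":
    print(demo())
```

The two sessions on Fred's account look identical at the host (both are "fred" logging in); only the central audit log, which records the reset under alice.admin's name, lets an auditor attribute the second one. Note that this covers the internal systems only; externally hosted services that do not accept an administrative reset, as raised in the reply above, are outside what this pattern can provide.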
</body>
</html>