Читать книгу The Official (ISC)2 SSCP CBK Reference - Mike Wills - Страница 138
Escrow, Recovery, and Reset
ОглавлениеLet's face it: Every choice of Type I factor is at risk of being forgotten by a user, and this includes the master password or passphrase for a password manager! There are basically two options available that you as a systems security administrator need to consider as you plan ahead to deal with this human forgetfulness. Both require procedures that ensure that the user asking for recovery of a password in escrow is in fact the user whose identity was proofed and is part of your identity management record-keeping systems.
Password reset: This is merely an immediate action taken by the administrator to require a new password or passphrase at the next user login attempt. Most of us have had far too many experiences with using password reset functions, because of either forgetfulness or system policies about period reset.
Password escrow: This option provides for the storage of an encrypted (not hashed) form of the password in a physically and logically separate space. You also have to pay attention to the choice of encryption used, so as to protect against that key being compromised or lost. Regardless of whether your organization manages this escrow activity or has contracted it out to a password manager and recovery service, password escrow requires a level of trust and confidence at least as great as the most sensitive or confidential information in your systems.
Users will ask about having their password “recovered,” which is tantamount to running your own password cracker on it for them. You'll probably have to explain to them that if the password system is going to do its job of keeping the systems secure, it therefore shouldn't be something that can be easily cracked.