You've probably got a lot of passwords in your network that are extremely easy to crack and that's because they're built-in administrator passwords. Leaving them in once you've started using the network is kind of like leaving in that picture that comes with the frame when you buy it. Wouldn't you rather be using your own password manager?
Look, it's child's play for someone who wants to monkey around with your system to guess "alt admin" or some other standard manufacturer-generated password to gain access to your system. They know that's what the password was set to when you got it and they're betting you haven't changed it. Have you?
Here's where a recent product from Lieberman Software comes in, the Enterprise Random Password Manager. According to company officials, it "scans the network, detecting and securing default and well-known privileged logins," the kind so treasured by hackers, disgruntled employees and malware.
EPRM "secures" these passwords and even gives you an audit trail of who's accessed them. As Chris Stoneff, director of Professional Services at Lieberman Software explains, EPRM "attempts to use an ‘alt admin’ and otherwise well-known credentials, records any logins as known passwords in the Web interface, and makes the account available for recovery."
Accepting an industry award for the product last December, Lieberman Software President Philip Lieberman said, "For comprehensive security and management of privileged accounts, Enterprise Random Password Manager is the solution of choice."
ERPM is also used to deal with “privileged accounts" throughout the enterprise, those with super-use permissions. The product frequently changes each account's password to a unique and complex value, Lieberman officials explain, "and deploys the password changes wherever they are used in the data center."
This helps control access to an organization data by fully auditing administrative ? access to systems and applications in the IT infrastructure, by "showing precisely who on the IT staff had access to sensitive data, at what time and for what stated purpose. "