Today I was tasked with upgrading our GoToMyPC account to a corporate plan and then setting up the 12 users we have to use the new plan. During the process of getting each user to set up a new password and access code there was a lot of mubling and grumbling.
Before I worked here there were a lot of things that were done which shocked me such as passwords in AD descriptions which scared the hell out of me but have since been cleaned up. For some reason I am still forced to provide user passwords to managers and it isn't hard for me to look around under keyboards to find all sorts of passwords so easily accessible.
There are some people who are domain admins, who have no business being so, other than I was told to set them up to have that access.
This is something I have read numerous other posts on so obviously it is a common IT problem. I want to fix these things but I feel powerless because no matter how much of a business/security case I try to build upon it, I am simply told that this is just the way it is.
Do any of you spiceheads out there have any experience with this, and if you did, could you detail what you did to fix the problem or should I at least have a CYA solution just in case something does go terribly wrong?
↧
User Password Management and Security
↧