Articles

Look for clues

16/08/2020
When you first start to look at an account that has some kind of privileged access issue, you might find it useful if somewhat obvious, to check in your password vault to see if there are any similar accounts already under password rotation. Or check hostnames, again to see if there are accounts already on those hosts, perhaps on a cluster of servers, which may already have rotation or session management enabled. This could save you a lot of time in unnecessary analysis, when the potential solution is already known. Having this information to hand also may save you time and frustration trying to convince an owner that it is probably safe to rotate the password.