Re: How do you manage your QSECOFR profile and other Q profiles?

["J M Plank" <plank.computer@xxxxxxxxx>]

We're similar to Rob in that only two people know the QSEOFR password.  We
use it for software installs and downtimes.

At other jobs, I had all object authority (or was given the QSECOFR password
- on the first day there!) - here I'm a peon.  One scary note here - I
installed an upgrade over the weekend, so was given the QSECOFR password.
Today our permanent keys arrived and I was able to sign on with the same
password!  When I asked why the password hadn't been changed, the response
was that it wasn't that important.  Even scarier is that I think I could
have guessed it in less than 10 tries (it is not a secure password).

I liked the policy when I worked with Rob.  If the password was given out,
it was changed immediately afterwards, and it was always some obscure
combination of letters and numbers - my one fear was mistyping it too many
times during downtime and locking out QSECOFR.

Mark Plank

"Burns, Bryan" <Bryan_Burns@xxxxxxxxxxxx> wrote:

> Because of the powerful profiles we have, we don't really have a policy on
> usage of the  QSECOFR profile but I need to write a policy and manage the
> QSECOFR profile properly.  What's the best practice here?   Should just
> one person know it and keep it a record of it in the safe, so if he's not
> here, someone can at least get at it?