Hey everyone, I'm looking for advice on how to audit the use of plain text passwords in our systems, especially in a hybrid environment. What tools or strategies do you use to tackle this issue? Thanks in advance!
5 Answers
To find actual passwords, the best approach is to search for keywords like 'password', 'pw', or 'credentials'. However, these searches can return a lot of irrelevant results unless you have a specific password format to work with.
We utilize Huntress for their EDR capabilities. It notifies me whenever someone opens a document that contains passwords, which is a nice bonus feature we didn’t initially buy the tool for. It’s pretty helpful!
I'm also looking into Huntress now. That’s really great to know as an additional feature!
Most Data Security Posture Management (DSPM) tools can help with this. We use Varonis, which has a solid rule set out of the box for scans that look for passwords and other sensitive info. It’s a bit pricey, but it does what they claim.
A more manual approach could be walking through the office and checking the back of keyboards for post-it notes with passwords... Oh right, you meant on your systems. Forget I mentioned that.
There are a lot of tools like Varonis that can help, but they're usually in a big toolset. I was also surprised that Huntress includes this feature; it’d be fantastic to see more Endpoint Detection and Response (EDR) tools adopt similar functions.

How does it even determine if the document has passwords? Wouldn't that just flag any random text file with random phrases?
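The keyword search suggested in the first answer and the question just above about how a tool decides a document contains a password come down to the same heuristic problem: a bare match on "password" is noise, so a scanner needs context around the keyword. The following is an added example, not code from any poster or from Huntress or Varonis: a small Python audit script that flags a line only when a credential keyword is followed by an assignment separator and a value that is not an obvious placeholder, and reports a bare keyword mention separately as low confidence. The keyword list, placeholder list, file suffixes and the sample config are all constructed for the example.

```python
"""Heuristic scanner for plaintext credentials in text files.

Added example, not part of the thread or of any product named in it.
A high-confidence finding needs: credential keyword + ':' or '=' + a
value that is not a template/redaction. A keyword in running prose is
reported as low confidence so the reviewer can see (and tune) the noise.
"""
import re
import sys
from pathlib import Path

# Constructed keyword list; tune it to the naming conventions you audit.
KEYWORDS = r"(?:password|passwd|pwd|pw|secret|api[_-]?key|credentials?)"
# Keyword may carry a prefix/suffix joined by '_' or '-' (db_password, smtp_pw)
# but not sit inside an unrelated word (so 'upwind' is not a hit).
KEY = rf"(?P<key>(?:\w+[_-])?{KEYWORDS}(?:[_-]\w+)?)"
# Value: a <template>, a ${VARIABLE}, or 4+ non-separator characters.
VALUE = r"(?P<value><[^>]*>|\$\{[^}]*\}|[^'\"\s,;]{4,})"
ASSIGNMENT = re.compile(rf"(?i)\b{KEY}\s*[:=]\s*['\"]?{VALUE}")

# Constructed list of values that are templates or redactions, not secrets.
PLACEHOLDER = re.compile(
    r"^(?:<[^>]+>|\$\{[^}]+\}|\$[A-Z_]+|\*{3,}|x{4,}|changeme|redacted|none|null)$",
    re.IGNORECASE,
)
# Bare keyword mention with no assignment: low confidence.
MENTION = re.compile(rf"(?i)\b{KEYWORDS}\b")


def scan_text(text: str, source: str = "<string>") -> list[dict]:
    """Return one finding per line that looks like it carries a credential."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = ASSIGNMENT.search(line)
        if m:
            value = m.group("value")
            if PLACEHOLDER.match(value):
                continue  # template or redacted value, not a real secret
            findings.append({
                "source": source, "line": lineno, "key": m.group("key"),
                "confidence": "high",
                # Never copy the secret itself into the audit report.
                "value_preview": value[:2] + "*" * (len(value) - 2),
            })
        elif MENTION.search(line):
            findings.append({"source": source, "line": lineno, "key": None,
                             "confidence": "low", "value_preview": None})
    return findings


# Constructed suffix list of file types worth reading as text.
TEXT_SUFFIXES = {".txt", ".cfg", ".conf", ".ini", ".env", ".yml", ".yaml",
                 ".json", ".xml", ".ps1", ".sh", ".py", ".md"}


def scan_paths(root: Path) -> list[dict]:
    """Walk a directory tree and scan every text-like file in it."""
    findings = []
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in TEXT_SUFFIXES:
            findings.extend(scan_text(path.read_text(errors="replace"), str(path)))
    return findings


# Constructed sample config; the values are invented, not real credentials.
SAMPLE = """\
# constructed sample config, not a real system
db_password = "Tr0ub4dor&3"
api_key: ${API_KEY}
password=<your password here>
The password policy requires 12 characters.
smtp_pw: ********
legacy pw=letmein123
upwind_speed = 17knots
"""

if __name__ == "__main__":
    # With a directory argument, audit that tree; otherwise run on the sample.
    results = scan_paths(Path(sys.argv[1])) if len(sys.argv) > 1 else scan_text(SAMPLE, "sample")
    for f in results:
        print(f"{f['confidence']:4} {f['source']}:{f['line']} key={f['key']} value={f['value_preview']}")
```

Run against the sample, only the two real assignments (lines 2 and 7) come back as high confidence; the `${API_KEY}` reference, the `<your password here>` template and the `********` redaction are dropped, the policy sentence is reported as low confidence so you can see the noise the first answer warns about, and `upwind_speed` is not matched at all. The report shows a masked preview rather than the value, so the audit output itself does not become another plaintext copy of the password.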