Detection and securing of built-in passwords

Lieberman Software announced that the company’s privileged identity management product, Enterprise Random Password Manager (ERPM), now offers a solution to identify known, built-in administrator passwords in the network.

Many hardware devices come pre-configured with default credentials that are rarely changed and publicly known. Because these insecure default passwords can be easily identified, anyone with network access and malicious intent can login using these credentials and access systems and applications throughout the organization.

The new “known password discovery” feature in ERPM scans the network, detecting and securing default and well-known privileged logins that make it easy for unauthorized individuals and malware to gain control of sensitive data.

With ERPM, default and other easily-cracked and widely known passwords are automatically secured, and authorized IT administrators are given an authoritative audit trail of their access. As an added benefit, ERPM saves IT staff time by instantly providing login credentials, on-demand, for audited, delegated access to systems and applications.

“When ERPM performs automated discovery it attempts to use an “alt admin’ and otherwise well-known credentials, records any logins as known passwords in the web interface, and makes the account available for recovery,” said Chris Stoneff, Director of Professional Services at Lieberman Software. “ERPM’s ability to discover factory default passwords and alert IT to their existence is a significant security enhancement and meets a direct need for many of our large enterprise customers.”

ERPM automatically discovers, secures, tracks and audits the privileged account passwords in the enterprise. Privileged accounts hold elevated, “super-user” permission to install, configure and repair applications and hardware, and provide IT staff with shared, anonymous access to an organization’s most sensitive IT assets.