Why avoid shared user accounts?Security precautions for shared iPads in a customer facing corporate...

Not a Long-Winded Riddle

Why is it that Bernie Sanders is always called a "socialist"?

Why do we have to make "peinlich" start with a capital letter and also end with -s in this sentence?

How to not let the Identify spell spoil everything?

Why did Luke use his left hand to shoot?

False written accusations not made public - is there law to cover this?

Why is a temp table a more efficient solution to the Halloween Problem than an eager spool?

How do you get out of your own psychology to write characters?

Why didn't Tom Riddle take the presence of Fawkes and the Sorting Hat as more of a threat?

Why avoid shared user accounts?

Why does 0.-5 evaluate to -5?

The No-Straight Maze

How vim overwrites readonly mode?

How do I prevent a homebrew Grappling Hook feature from trivializing Tomb of Annihilation?

What does an unprocessed RAW file look like?

Why did the villain in the first Men in Black movie care about Earth's Cockroaches?

Current across a wire with zero potential difference

What species should be used for storage of human minds?

Does the ditching switch allow an A320 to float indefinitely?

How to access internet and run apt-get through a middle server?

What is the difference between "...", '...', $'...', and $"..." quotes?

Non-Cancer terminal illness that can affect young (age 10-13) girls?

Is there any danger of my neighbor having my wife's signature?

Subsurf on a crown. How can I smooth some edges and keep others sharp?



Why avoid shared user accounts?


Security precautions for shared iPads in a customer facing corporate environmentHow to secure shared user on build server?Privileged access management vs named accountsIs it good practice if all programs have their own user ID?Why delete user accounts, when no longer needed - businessSolution to hide a shared password to usersUnix - Is it safe by default to give a new user ssh access and be certain they can not alter the system?Is there a security advantage or risk in removing disabled user accounts?Dealing with shared credentials when an employee leavesHow to catch people creating many accounts on the same website using very unique credentials?













24















I know its best practice not to allow shared user accounts, but where is this best practice defined? Is it an ISO standard or something? What is the reasons to always create per person accounts?










share|improve this question









New contributor




Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 7





    Auditing is the main argument.

    – ThoriumBR
    21 hours ago
















24















I know its best practice not to allow shared user accounts, but where is this best practice defined? Is it an ISO standard or something? What is the reasons to always create per person accounts?










share|improve this question









New contributor




Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 7





    Auditing is the main argument.

    – ThoriumBR
    21 hours ago














24












24








24


1






I know its best practice not to allow shared user accounts, but where is this best practice defined? Is it an ISO standard or something? What is the reasons to always create per person accounts?










share|improve this question









New contributor




Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I know its best practice not to allow shared user accounts, but where is this best practice defined? Is it an ISO standard or something? What is the reasons to always create per person accounts?







access-control user-management






share|improve this question









New contributor




Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 18 hours ago









Anders

49.3k22143161




49.3k22143161






New contributor




Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 21 hours ago









Steve VentonSteve Venton

12413




12413




New contributor




Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Steve Venton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 7





    Auditing is the main argument.

    – ThoriumBR
    21 hours ago














  • 7





    Auditing is the main argument.

    – ThoriumBR
    21 hours ago








7




7





Auditing is the main argument.

– ThoriumBR
21 hours ago





Auditing is the main argument.

– ThoriumBR
21 hours ago










6 Answers
6






active

oldest

votes


















61














Alice and Eve work for Bob. Alice is a very good worker who does exactly what Bob asks her to do. Eve is a criminal mastermind hell-bent on destroying Bob's company.



Alice and Eve both share the same account.



Eve logs into the account and uses it to sabotage an important business process. The audit log captures this action.



How does Bob know who sabotaged his company? He has to get rid of the bad actor, but can't fire both of them, because his company depends on the work that they do. He could fire just one, but he has no way of knowing which one is his friend and which one is his enemy.



If Alice and Eve had separate accounts, Bob could be sure that Eve was the one who did the sabotage. Eve might even avoid doing the sabotage, if she knows her account will be audited and she will be caught.



EDIT: Adding from comments:



If Eve quits, you now need to reset the password on every account she had access to, rather than just disabling her personal accounts. This is much harder to manage, and you will miss accounts.



Additionally, it removes your ability to have granular control over access. If Alice should be writing checks, and Eve should be signing them, you essentially have no technological way to enforce that if they share the same account.






share|improve this answer





















  • 15





    +1 Except that Eve, being a criminal mastermind, would have hacked in to Bob's account so he would have had to fire himself :-)

    – TripeHound
    20 hours ago






  • 32





    A more common situation: Eve quits or gets fired. Now you have to change the credentials for everything Eve was using (assuming you know that), you can't just disable Eve's account(s).

    – JimmyJames
    20 hours ago






  • 7





    Shared accounts also makes it much harder to detect when a bad actor has gained access to an account they should have access to.

    – JimmyJames
    20 hours ago











  • Added to body. I didn't add the part about account compromise because I think that applies to all accounts. If I'm misthinking that please let me know and I'll throw it in.

    – Adonalsium
    19 hours ago






  • 9





    Even if Eve isn't out to sabotage the company, Alice and Eve's sharing an account also means that Bob can't give Alice additional permissions without also giving them to Eve. If Alice is promoted and now has access to data X, Eve gets it, too.

    – minnmass
    17 hours ago



















9














You should use separated account in all contexts (security on the top).

Adonalsium example show you because it's required.
There are some rare situations where it is "not possible" or "not usefull" ...



Examples:
"not possible" (legacy protocols/applications)
"no relevant" (anonymous actions)



If it is no possible, but you need to identify, you have to mitigate the risk adding more source informations as possible (e.g. connection info, connection time, etc ...)



You can check ISO 27001 Risk Assessment Methodology, ISO 31000 Risk management as starting point to answer to your question "Why avoid shared user accounts?"






share|improve this answer








New contributor




WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




























    2














    The typical answer is accountability, traceability, etc; In other words to be able to know who exactly did what.



    A shared account has n potential people doing something but all that you have points to one account doing that thing.



    This problem is usually lifted by making sure someone is legally responsible for the activities of this account. This may or may not be feasible, and you may not have someone taking responsibility for the actions of others.



    This problem often occurs when you outsource some monitoring activities - the account which does the monitoring tasks should be contractually in charge of that company, which is responsible for its actions.



    If you cannot assign a responsible person, it is then up to management to make a decision based on the risk: not having a service vs. not knowing who does what with that account.






    share|improve this answer































      0














      I only know one exception to that rule. There is one single machine that is shared by several users, and the following assertions are all true:




      • one and only one of those users is in charge of this machine at any moment

      • the account can only be used on the local machine - disabled via network


      This may happen on 7/7 24/24 systems. In that use case, you still keep an acceptable imputability by knowing the user that was present at a specific moment, provided you could set the above second rule. But in fact, it is equivalent at having an account with no password, and only using physical security.






      share|improve this answer































        0














        Best practices are nowhere "defined", that's what the term means. A best practice is simply an established way of doing things that most people think is the best way.



        It goes the other way around. Once a "best practice" is dominant, usually someone on a standards board decides to put it into some ISO or other norm. It then rests there, usually without explicit reasoning, or a circular reasoning pointing out that this is best practice.



        The reasons for this particular practice are likewise practical ones. If Alice and Bob share an account and something bad happens, they will both point to the other person and you have no way of figuring out who did it. With personal accounts, they'll claim it was compromised, but then you at least have a single point to investigate further.



        There are also explicit requirements for accountability in many sub-fields such as compliance, and they play into this.






        share|improve this answer































          -7














          The easiest way to do that is add 'social sign on' instead of traditional username/password system. So now users need to log in with their social accounts like Facebook (company), LinkedIn (product) or Google (company) and people rarely share their social account credentials with others! This will reduce account sharing by over 90%.






          share|improve this answer








          New contributor




          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.
















          • 7





            OP is asking why to avoid account sharing not how, so this doesn't provide an answer to the question. Although if it did, I would probably want some source on where that 90% number came from.

            – DasBeasto
            16 hours ago






          • 7





            Why would you want to tie your personal social accounts to your work? Don't like privacy (or even it's illusion) anymore?

            – Xen2050
            11 hours ago






          • 2





            These are business accounts, not personal accounts. Besides which, I'd not want Google or Facebook to have access to my business accounts. We have company internal LDAP servers for a reason. Heck, most of our customers would cancel their contracts instantly if we used things like Facebook accounts for our company network, as they don't want any information to potentially be stored on servers in another country, not even usernames.

            – jwenting
            5 hours ago






          • 2





            This is terrifying. Please rethink through what you're recommending and how badly it could go.

            – Criggie
            3 hours ago











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "162"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          Steve Venton is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f204249%2fwhy-avoid-shared-user-accounts%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          6 Answers
          6






          active

          oldest

          votes








          6 Answers
          6






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          61














          Alice and Eve work for Bob. Alice is a very good worker who does exactly what Bob asks her to do. Eve is a criminal mastermind hell-bent on destroying Bob's company.



          Alice and Eve both share the same account.



          Eve logs into the account and uses it to sabotage an important business process. The audit log captures this action.



          How does Bob know who sabotaged his company? He has to get rid of the bad actor, but can't fire both of them, because his company depends on the work that they do. He could fire just one, but he has no way of knowing which one is his friend and which one is his enemy.



          If Alice and Eve had separate accounts, Bob could be sure that Eve was the one who did the sabotage. Eve might even avoid doing the sabotage, if she knows her account will be audited and she will be caught.



          EDIT: Adding from comments:



          If Eve quits, you now need to reset the password on every account she had access to, rather than just disabling her personal accounts. This is much harder to manage, and you will miss accounts.



          Additionally, it removes your ability to have granular control over access. If Alice should be writing checks, and Eve should be signing them, you essentially have no technological way to enforce that if they share the same account.






          share|improve this answer





















          • 15





            +1 Except that Eve, being a criminal mastermind, would have hacked in to Bob's account so he would have had to fire himself :-)

            – TripeHound
            20 hours ago






          • 32





            A more common situation: Eve quits or gets fired. Now you have to change the credentials for everything Eve was using (assuming you know that), you can't just disable Eve's account(s).

            – JimmyJames
            20 hours ago






          • 7





            Shared accounts also makes it much harder to detect when a bad actor has gained access to an account they should have access to.

            – JimmyJames
            20 hours ago











          • Added to body. I didn't add the part about account compromise because I think that applies to all accounts. If I'm misthinking that please let me know and I'll throw it in.

            – Adonalsium
            19 hours ago






          • 9





            Even if Eve isn't out to sabotage the company, Alice and Eve's sharing an account also means that Bob can't give Alice additional permissions without also giving them to Eve. If Alice is promoted and now has access to data X, Eve gets it, too.

            – minnmass
            17 hours ago
















          61














          Alice and Eve work for Bob. Alice is a very good worker who does exactly what Bob asks her to do. Eve is a criminal mastermind hell-bent on destroying Bob's company.



          Alice and Eve both share the same account.



          Eve logs into the account and uses it to sabotage an important business process. The audit log captures this action.



          How does Bob know who sabotaged his company? He has to get rid of the bad actor, but can't fire both of them, because his company depends on the work that they do. He could fire just one, but he has no way of knowing which one is his friend and which one is his enemy.



          If Alice and Eve had separate accounts, Bob could be sure that Eve was the one who did the sabotage. Eve might even avoid doing the sabotage, if she knows her account will be audited and she will be caught.



          EDIT: Adding from comments:



          If Eve quits, you now need to reset the password on every account she had access to, rather than just disabling her personal accounts. This is much harder to manage, and you will miss accounts.



          Additionally, it removes your ability to have granular control over access. If Alice should be writing checks, and Eve should be signing them, you essentially have no technological way to enforce that if they share the same account.






          share|improve this answer





















          • 15





            +1 Except that Eve, being a criminal mastermind, would have hacked in to Bob's account so he would have had to fire himself :-)

            – TripeHound
            20 hours ago






          • 32





            A more common situation: Eve quits or gets fired. Now you have to change the credentials for everything Eve was using (assuming you know that), you can't just disable Eve's account(s).

            – JimmyJames
            20 hours ago






          • 7





            Shared accounts also makes it much harder to detect when a bad actor has gained access to an account they should have access to.

            – JimmyJames
            20 hours ago











          • Added to body. I didn't add the part about account compromise because I think that applies to all accounts. If I'm misthinking that please let me know and I'll throw it in.

            – Adonalsium
            19 hours ago






          • 9





            Even if Eve isn't out to sabotage the company, Alice and Eve's sharing an account also means that Bob can't give Alice additional permissions without also giving them to Eve. If Alice is promoted and now has access to data X, Eve gets it, too.

            – minnmass
            17 hours ago














          61












          61








          61







          Alice and Eve work for Bob. Alice is a very good worker who does exactly what Bob asks her to do. Eve is a criminal mastermind hell-bent on destroying Bob's company.



          Alice and Eve both share the same account.



          Eve logs into the account and uses it to sabotage an important business process. The audit log captures this action.



          How does Bob know who sabotaged his company? He has to get rid of the bad actor, but can't fire both of them, because his company depends on the work that they do. He could fire just one, but he has no way of knowing which one is his friend and which one is his enemy.



          If Alice and Eve had separate accounts, Bob could be sure that Eve was the one who did the sabotage. Eve might even avoid doing the sabotage, if she knows her account will be audited and she will be caught.



          EDIT: Adding from comments:



          If Eve quits, you now need to reset the password on every account she had access to, rather than just disabling her personal accounts. This is much harder to manage, and you will miss accounts.



          Additionally, it removes your ability to have granular control over access. If Alice should be writing checks, and Eve should be signing them, you essentially have no technological way to enforce that if they share the same account.






          share|improve this answer















          Alice and Eve work for Bob. Alice is a very good worker who does exactly what Bob asks her to do. Eve is a criminal mastermind hell-bent on destroying Bob's company.



          Alice and Eve both share the same account.



          Eve logs into the account and uses it to sabotage an important business process. The audit log captures this action.



          How does Bob know who sabotaged his company? He has to get rid of the bad actor, but can't fire both of them, because his company depends on the work that they do. He could fire just one, but he has no way of knowing which one is his friend and which one is his enemy.



          If Alice and Eve had separate accounts, Bob could be sure that Eve was the one who did the sabotage. Eve might even avoid doing the sabotage, if she knows her account will be audited and she will be caught.



          EDIT: Adding from comments:



          If Eve quits, you now need to reset the password on every account she had access to, rather than just disabling her personal accounts. This is much harder to manage, and you will miss accounts.



          Additionally, it removes your ability to have granular control over access. If Alice should be writing checks, and Eve should be signing them, you essentially have no technological way to enforce that if they share the same account.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 15 hours ago

























          answered 21 hours ago









          AdonalsiumAdonalsium

          2,761719




          2,761719








          • 15





            +1 Except that Eve, being a criminal mastermind, would have hacked in to Bob's account so he would have had to fire himself :-)

            – TripeHound
            20 hours ago






          • 32





            A more common situation: Eve quits or gets fired. Now you have to change the credentials for everything Eve was using (assuming you know that), you can't just disable Eve's account(s).

            – JimmyJames
            20 hours ago






          • 7





            Shared accounts also makes it much harder to detect when a bad actor has gained access to an account they should have access to.

            – JimmyJames
            20 hours ago











          • Added to body. I didn't add the part about account compromise because I think that applies to all accounts. If I'm misthinking that please let me know and I'll throw it in.

            – Adonalsium
            19 hours ago






          • 9





            Even if Eve isn't out to sabotage the company, Alice and Eve's sharing an account also means that Bob can't give Alice additional permissions without also giving them to Eve. If Alice is promoted and now has access to data X, Eve gets it, too.

            – minnmass
            17 hours ago














          • 15





            +1 Except that Eve, being a criminal mastermind, would have hacked in to Bob's account so he would have had to fire himself :-)

            – TripeHound
            20 hours ago






          • 32





            A more common situation: Eve quits or gets fired. Now you have to change the credentials for everything Eve was using (assuming you know that), you can't just disable Eve's account(s).

            – JimmyJames
            20 hours ago






          • 7





            Shared accounts also makes it much harder to detect when a bad actor has gained access to an account they should have access to.

            – JimmyJames
            20 hours ago











          • Added to body. I didn't add the part about account compromise because I think that applies to all accounts. If I'm misthinking that please let me know and I'll throw it in.

            – Adonalsium
            19 hours ago






          • 9





            Even if Eve isn't out to sabotage the company, Alice and Eve's sharing an account also means that Bob can't give Alice additional permissions without also giving them to Eve. If Alice is promoted and now has access to data X, Eve gets it, too.

            – minnmass
            17 hours ago








          15




          15





          +1 Except that Eve, being a criminal mastermind, would have hacked in to Bob's account so he would have had to fire himself :-)

          – TripeHound
          20 hours ago





          +1 Except that Eve, being a criminal mastermind, would have hacked in to Bob's account so he would have had to fire himself :-)

          – TripeHound
          20 hours ago




          32




          32





          A more common situation: Eve quits or gets fired. Now you have to change the credentials for everything Eve was using (assuming you know that), you can't just disable Eve's account(s).

          – JimmyJames
          20 hours ago





          A more common situation: Eve quits or gets fired. Now you have to change the credentials for everything Eve was using (assuming you know that), you can't just disable Eve's account(s).

          – JimmyJames
          20 hours ago




          7




          7





          Shared accounts also makes it much harder to detect when a bad actor has gained access to an account they should have access to.

          – JimmyJames
          20 hours ago





          Shared accounts also makes it much harder to detect when a bad actor has gained access to an account they should have access to.

          – JimmyJames
          20 hours ago













          Added to body. I didn't add the part about account compromise because I think that applies to all accounts. If I'm misthinking that please let me know and I'll throw it in.

          – Adonalsium
          19 hours ago





          Added to body. I didn't add the part about account compromise because I think that applies to all accounts. If I'm misthinking that please let me know and I'll throw it in.

          – Adonalsium
          19 hours ago




          9




          9





          Even if Eve isn't out to sabotage the company, Alice and Eve's sharing an account also means that Bob can't give Alice additional permissions without also giving them to Eve. If Alice is promoted and now has access to data X, Eve gets it, too.

          – minnmass
          17 hours ago





          Even if Eve isn't out to sabotage the company, Alice and Eve's sharing an account also means that Bob can't give Alice additional permissions without also giving them to Eve. If Alice is promoted and now has access to data X, Eve gets it, too.

          – minnmass
          17 hours ago













          9














          You should use separated account in all contexts (security on the top).

          Adonalsium example show you because it's required.
          There are some rare situations where it is "not possible" or "not usefull" ...



          Examples:
          "not possible" (legacy protocols/applications)
          "no relevant" (anonymous actions)



          If it is no possible, but you need to identify, you have to mitigate the risk adding more source informations as possible (e.g. connection info, connection time, etc ...)



          You can check ISO 27001 Risk Assessment Methodology, ISO 31000 Risk management as starting point to answer to your question "Why avoid shared user accounts?"






          share|improve this answer








          New contributor




          WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.

























            9














            You should use separated account in all contexts (security on the top).

            Adonalsium example show you because it's required.
            There are some rare situations where it is "not possible" or "not usefull" ...



            Examples:
            "not possible" (legacy protocols/applications)
            "no relevant" (anonymous actions)



            If it is no possible, but you need to identify, you have to mitigate the risk adding more source informations as possible (e.g. connection info, connection time, etc ...)



            You can check ISO 27001 Risk Assessment Methodology, ISO 31000 Risk management as starting point to answer to your question "Why avoid shared user accounts?"






            share|improve this answer








            New contributor




            WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
            Check out our Code of Conduct.























              9












              9








              9







              You should use separated account in all contexts (security on the top).

              Adonalsium example show you because it's required.
              There are some rare situations where it is "not possible" or "not usefull" ...



              Examples:
              "not possible" (legacy protocols/applications)
              "no relevant" (anonymous actions)



              If it is no possible, but you need to identify, you have to mitigate the risk adding more source informations as possible (e.g. connection info, connection time, etc ...)



              You can check ISO 27001 Risk Assessment Methodology, ISO 31000 Risk management as starting point to answer to your question "Why avoid shared user accounts?"






              share|improve this answer








              New contributor




              WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.










              You should use separated account in all contexts (security on the top).

              Adonalsium example show you because it's required.
              There are some rare situations where it is "not possible" or "not usefull" ...



              Examples:
              "not possible" (legacy protocols/applications)
              "no relevant" (anonymous actions)



              If it is no possible, but you need to identify, you have to mitigate the risk adding more source informations as possible (e.g. connection info, connection time, etc ...)



              You can check ISO 27001 Risk Assessment Methodology, ISO 31000 Risk management as starting point to answer to your question "Why avoid shared user accounts?"







              share|improve this answer








              New contributor




              WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.









              share|improve this answer



              share|improve this answer






              New contributor




              WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.









              answered 20 hours ago









              WaltZieWaltZie

              1011




              1011




              New contributor




              WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.





              New contributor





              WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.






              WaltZie is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.























                  2














                  The typical answer is accountability, traceability, etc; In other words to be able to know who exactly did what.



                  A shared account has n potential people doing something but all that you have points to one account doing that thing.



                  This problem is usually lifted by making sure someone is legally responsible for the activities of this account. This may or may not be feasible, and you may not have someone taking responsibility for the actions of others.



                  This problem often occurs when you outsource some monitoring activities - the account which does the monitoring tasks should be contractually in charge of that company, which is responsible for its actions.



                  If you cannot assign a responsible person, it is then up to management to make a decision based on the risk: not having a service vs. not knowing who does what with that account.






                  share|improve this answer




























                    2














                    The typical answer is accountability, traceability, etc; In other words to be able to know who exactly did what.



                    A shared account has n potential people doing something but all that you have points to one account doing that thing.



                    This problem is usually lifted by making sure someone is legally responsible for the activities of this account. This may or may not be feasible, and you may not have someone taking responsibility for the actions of others.



                    This problem often occurs when you outsource some monitoring activities - the account which does the monitoring tasks should be contractually in charge of that company, which is responsible for its actions.



                    If you cannot assign a responsible person, it is then up to management to make a decision based on the risk: not having a service vs. not knowing who does what with that account.






                    share|improve this answer


























                      2












                      2








                      2







                      The typical answer is accountability, traceability, etc; In other words to be able to know who exactly did what.



                      A shared account has n potential people doing something but all that you have points to one account doing that thing.



                      This problem is usually lifted by making sure someone is legally responsible for the activities of this account. This may or may not be feasible, and you may not have someone taking responsibility for the actions of others.



                      This problem often occurs when you outsource some monitoring activities - the account which does the monitoring tasks should be contractually in charge of that company, which is responsible for its actions.



                      If you cannot assign a responsible person, it is then up to management to make a decision based on the risk: not having a service vs. not knowing who does what with that account.






                      share|improve this answer













                      The typical answer is accountability, traceability, etc; In other words to be able to know who exactly did what.



                      A shared account has n potential people doing something but all that you have points to one account doing that thing.



                      This problem is usually lifted by making sure someone is legally responsible for the activities of this account. This may or may not be feasible, and you may not have someone taking responsibility for the actions of others.



                      This problem often occurs when you outsource some monitoring activities - the account which does the monitoring tasks should be contractually in charge of that company, which is responsible for its actions.



                      If you cannot assign a responsible person, it is then up to management to make a decision based on the risk: not having a service vs. not knowing who does what with that account.







                      share|improve this answer












                      share|improve this answer



                      share|improve this answer










                      answered 19 hours ago









                      WoJWoJ

                      7,04712544




                      7,04712544























                          0














                          I only know one exception to that rule. There is one single machine that is shared by several users, and the following assertions are all true:




                          • one and only one of those users is in charge of this machine at any moment

                          • the account can only be used on the local machine - disabled via network


                          This may happen on 7/7 24/24 systems. In that use case, you still keep an acceptable imputability by knowing the user that was present at a specific moment, provided you could set the above second rule. But in fact, it is equivalent at having an account with no password, and only using physical security.






                          share|improve this answer




























                            0














                            I only know one exception to that rule. There is one single machine that is shared by several users, and the following assertions are all true:




                            • one and only one of those users is in charge of this machine at any moment

                            • the account can only be used on the local machine - disabled via network


                            This may happen on 7/7 24/24 systems. In that use case, you still keep an acceptable imputability by knowing the user that was present at a specific moment, provided you could set the above second rule. But in fact, it is equivalent at having an account with no password, and only using physical security.






                            share|improve this answer


























                              0












                              0








                              0







                              I only know one exception to that rule. There is one single machine that is shared by several users, and the following assertions are all true:




                              • one and only one of those users is in charge of this machine at any moment

                              • the account can only be used on the local machine - disabled via network


                              This may happen on 7/7 24/24 systems. In that use case, you still keep an acceptable imputability by knowing the user that was present at a specific moment, provided you could set the above second rule. But in fact, it is equivalent at having an account with no password, and only using physical security.






                              share|improve this answer













                              I only know one exception to that rule. There is one single machine that is shared by several users, and the following assertions are all true:




                              • one and only one of those users is in charge of this machine at any moment

                              • the account can only be used on the local machine - disabled via network


                              This may happen on 7/7 24/24 systems. In that use case, you still keep an acceptable imputability by knowing the user that was present at a specific moment, provided you could set the above second rule. But in fact, it is equivalent at having an account with no password, and only using physical security.







                              share|improve this answer












                              share|improve this answer



                              share|improve this answer










                              answered 6 hours ago









                              Serge BallestaSerge Ballesta

                              16.8k32661




                              16.8k32661























                                  0














                                  Best practices are nowhere "defined", that's what the term means. A best practice is simply an established way of doing things that most people think is the best way.



                                  It goes the other way around. Once a "best practice" is dominant, usually someone on a standards board decides to put it into some ISO or other norm. It then rests there, usually without explicit reasoning, or a circular reasoning pointing out that this is best practice.



                                  The reasons for this particular practice are likewise practical ones. If Alice and Bob share an account and something bad happens, they will both point to the other person and you have no way of figuring out who did it. With personal accounts, they'll claim it was compromised, but then you at least have a single point to investigate further.



                                  There are also explicit requirements for accountability in many sub-fields such as compliance, and they play into this.






                                  share|improve this answer




























                                    0














                                    Best practices are nowhere "defined", that's what the term means. A best practice is simply an established way of doing things that most people think is the best way.



                                    It goes the other way around. Once a "best practice" is dominant, usually someone on a standards board decides to put it into some ISO or other norm. It then rests there, usually without explicit reasoning, or a circular reasoning pointing out that this is best practice.



                                    The reasons for this particular practice are likewise practical ones. If Alice and Bob share an account and something bad happens, they will both point to the other person and you have no way of figuring out who did it. With personal accounts, they'll claim it was compromised, but then you at least have a single point to investigate further.



                                    There are also explicit requirements for accountability in many sub-fields such as compliance, and they play into this.






                                    share|improve this answer


























                                      0












                                      0








                                      0







                                      Best practices are nowhere "defined", that's what the term means. A best practice is simply an established way of doing things that most people think is the best way.



                                      It goes the other way around. Once a "best practice" is dominant, usually someone on a standards board decides to put it into some ISO or other norm. It then rests there, usually without explicit reasoning, or a circular reasoning pointing out that this is best practice.



                                      The reasons for this particular practice are likewise practical ones. If Alice and Bob share an account and something bad happens, they will both point to the other person and you have no way of figuring out who did it. With personal accounts, they'll claim it was compromised, but then you at least have a single point to investigate further.



                                      There are also explicit requirements for accountability in many sub-fields such as compliance, and they play into this.






                                      share|improve this answer













                                      Best practices are nowhere "defined", that's what the term means. A best practice is simply an established way of doing things that most people think is the best way.



                                      It goes the other way around. Once a "best practice" is dominant, usually someone on a standards board decides to put it into some ISO or other norm. It then rests there, usually without explicit reasoning, or a circular reasoning pointing out that this is best practice.



                                      The reasons for this particular practice are likewise practical ones. If Alice and Bob share an account and something bad happens, they will both point to the other person and you have no way of figuring out who did it. With personal accounts, they'll claim it was compromised, but then you at least have a single point to investigate further.



                                      There are also explicit requirements for accountability in many sub-fields such as compliance, and they play into this.







                                      share|improve this answer












                                      share|improve this answer



                                      share|improve this answer










                                      answered 2 hours ago









                                      TomTom

                                      5,313831




                                      5,313831























                                          -7














                                          The easiest way to do that is add 'social sign on' instead of traditional username/password system. So now users need to log in with their social accounts like Facebook (company), LinkedIn (product) or Google (company) and people rarely share their social account credentials with others! This will reduce account sharing by over 90%.






                                          share|improve this answer








                                          New contributor




                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.
















                                          • 7





                                            OP is asking why to avoid account sharing not how, so this doesn't provide an answer to the question. Although if it did, I would probably want some source on where that 90% number came from.

                                            – DasBeasto
                                            16 hours ago






                                          • 7





                                            Why would you want to tie your personal social accounts to your work? Don't like privacy (or even it's illusion) anymore?

                                            – Xen2050
                                            11 hours ago






                                          • 2





                                            These are business accounts, not personal accounts. Besides which, I'd not want Google or Facebook to have access to my business accounts. We have company internal LDAP servers for a reason. Heck, most of our customers would cancel their contracts instantly if we used things like Facebook accounts for our company network, as they don't want any information to potentially be stored on servers in another country, not even usernames.

                                            – jwenting
                                            5 hours ago






                                          • 2





                                            This is terrifying. Please rethink through what you're recommending and how badly it could go.

                                            – Criggie
                                            3 hours ago
















                                          -7














                                          The easiest way to do that is add 'social sign on' instead of traditional username/password system. So now users need to log in with their social accounts like Facebook (company), LinkedIn (product) or Google (company) and people rarely share their social account credentials with others! This will reduce account sharing by over 90%.






                                          share|improve this answer








                                          New contributor




                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.
















                                          • 7





                                            OP is asking why to avoid account sharing not how, so this doesn't provide an answer to the question. Although if it did, I would probably want some source on where that 90% number came from.

                                            – DasBeasto
                                            16 hours ago






                                          • 7





                                            Why would you want to tie your personal social accounts to your work? Don't like privacy (or even it's illusion) anymore?

                                            – Xen2050
                                            11 hours ago






                                          • 2





                                            These are business accounts, not personal accounts. Besides which, I'd not want Google or Facebook to have access to my business accounts. We have company internal LDAP servers for a reason. Heck, most of our customers would cancel their contracts instantly if we used things like Facebook accounts for our company network, as they don't want any information to potentially be stored on servers in another country, not even usernames.

                                            – jwenting
                                            5 hours ago






                                          • 2





                                            This is terrifying. Please rethink through what you're recommending and how badly it could go.

                                            – Criggie
                                            3 hours ago














                                          -7












                                          -7








                                          -7







                                          The easiest way to do that is add 'social sign on' instead of traditional username/password system. So now users need to log in with their social accounts like Facebook (company), LinkedIn (product) or Google (company) and people rarely share their social account credentials with others! This will reduce account sharing by over 90%.






                                          share|improve this answer








                                          New contributor




                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.










                                          The easiest way to do that is add 'social sign on' instead of traditional username/password system. So now users need to log in with their social accounts like Facebook (company), LinkedIn (product) or Google (company) and people rarely share their social account credentials with others! This will reduce account sharing by over 90%.







                                          share|improve this answer








                                          New contributor




                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.









                                          share|improve this answer



                                          share|improve this answer






                                          New contributor




                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.









                                          answered 16 hours ago









                                          drsmithdrsmith

                                          1




                                          1




                                          New contributor




                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.





                                          New contributor





                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.






                                          drsmith is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                          Check out our Code of Conduct.








                                          • 7





                                            OP is asking why to avoid account sharing not how, so this doesn't provide an answer to the question. Although if it did, I would probably want some source on where that 90% number came from.

                                            – DasBeasto
                                            16 hours ago






                                          • 7





                                            Why would you want to tie your personal social accounts to your work? Don't like privacy (or even it's illusion) anymore?

                                            – Xen2050
                                            11 hours ago






                                          • 2





                                            These are business accounts, not personal accounts. Besides which, I'd not want Google or Facebook to have access to my business accounts. We have company internal LDAP servers for a reason. Heck, most of our customers would cancel their contracts instantly if we used things like Facebook accounts for our company network, as they don't want any information to potentially be stored on servers in another country, not even usernames.

                                            – jwenting
                                            5 hours ago






                                          • 2





                                            This is terrifying. Please rethink through what you're recommending and how badly it could go.

                                            – Criggie
                                            3 hours ago














                                          • 7





                                            OP is asking why to avoid account sharing not how, so this doesn't provide an answer to the question. Although if it did, I would probably want some source on where that 90% number came from.

                                            – DasBeasto
                                            16 hours ago






                                          • 7





                                            Why would you want to tie your personal social accounts to your work? Don't like privacy (or even it's illusion) anymore?

                                            – Xen2050
                                            11 hours ago






                                          • 2





                                            These are business accounts, not personal accounts. Besides which, I'd not want Google or Facebook to have access to my business accounts. We have company internal LDAP servers for a reason. Heck, most of our customers would cancel their contracts instantly if we used things like Facebook accounts for our company network, as they don't want any information to potentially be stored on servers in another country, not even usernames.

                                            – jwenting
                                            5 hours ago






                                          • 2





                                            This is terrifying. Please rethink through what you're recommending and how badly it could go.

                                            – Criggie
                                            3 hours ago








                                          7




                                          7





                                          OP is asking why to avoid account sharing not how, so this doesn't provide an answer to the question. Although if it did, I would probably want some source on where that 90% number came from.

                                          – DasBeasto
                                          16 hours ago





                                          OP is asking why to avoid account sharing not how, so this doesn't provide an answer to the question. Although if it did, I would probably want some source on where that 90% number came from.

                                          – DasBeasto
                                          16 hours ago




                                          7




                                          7





                                          Why would you want to tie your personal social accounts to your work? Don't like privacy (or even it's illusion) anymore?

                                          – Xen2050
                                          11 hours ago





                                          Why would you want to tie your personal social accounts to your work? Don't like privacy (or even it's illusion) anymore?

                                          – Xen2050
                                          11 hours ago




                                          2




                                          2





                                          These are business accounts, not personal accounts. Besides which, I'd not want Google or Facebook to have access to my business accounts. We have company internal LDAP servers for a reason. Heck, most of our customers would cancel their contracts instantly if we used things like Facebook accounts for our company network, as they don't want any information to potentially be stored on servers in another country, not even usernames.

                                          – jwenting
                                          5 hours ago





                                          These are business accounts, not personal accounts. Besides which, I'd not want Google or Facebook to have access to my business accounts. We have company internal LDAP servers for a reason. Heck, most of our customers would cancel their contracts instantly if we used things like Facebook accounts for our company network, as they don't want any information to potentially be stored on servers in another country, not even usernames.

                                          – jwenting
                                          5 hours ago




                                          2




                                          2





                                          This is terrifying. Please rethink through what you're recommending and how badly it could go.

                                          – Criggie
                                          3 hours ago





                                          This is terrifying. Please rethink through what you're recommending and how badly it could go.

                                          – Criggie
                                          3 hours ago










                                          Steve Venton is a new contributor. Be nice, and check out our Code of Conduct.










                                          draft saved

                                          draft discarded


















                                          Steve Venton is a new contributor. Be nice, and check out our Code of Conduct.













                                          Steve Venton is a new contributor. Be nice, and check out our Code of Conduct.












                                          Steve Venton is a new contributor. Be nice, and check out our Code of Conduct.
















                                          Thanks for contributing an answer to Information Security Stack Exchange!


                                          • Please be sure to answer the question. Provide details and share your research!

                                          But avoid



                                          • Asking for help, clarification, or responding to other answers.

                                          • Making statements based on opinion; back them up with references or personal experience.


                                          To learn more, see our tips on writing great answers.




                                          draft saved


                                          draft discarded














                                          StackExchange.ready(
                                          function () {
                                          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f204249%2fwhy-avoid-shared-user-accounts%23new-answer', 'question_page');
                                          }
                                          );

                                          Post as a guest















                                          Required, but never shown





















































                                          Required, but never shown














                                          Required, but never shown












                                          Required, but never shown







                                          Required, but never shown

































                                          Required, but never shown














                                          Required, but never shown












                                          Required, but never shown







                                          Required, but never shown







                                          Popular posts from this blog

                                          “%fieldName is a required field.”, in Magento2 REST API Call for GET Method Type The Next...

                                          How to change City field to a dropdown in Checkout step Magento 2Magento 2 : How to change UI field(s)...

                                          變成蝙蝠會怎樣? 參考資料 外部連結 导航菜单Thomas Nagel, "What is it like to be a...