If I have many Cisco switches connected to Windows radius, should I assign a different key to each switch? Is it a best practice? If I leave the key same on every host, it would ease my deployment.
Asked
Active
Viewed 172 times
0
-
1Usually you assign each entity its own authentication. Obviously using the same key makes all the switches vulnerable at once when its compromised. – Yorick de Wid Aug 24 '16 at 11:37
-
1Remember the advice about not using the same password for all your accounts, like your bank and twitter? Like that, only much, much more important. – schroeder May 23 '17 at 13:09
1 Answers
1
As mentioned in the comments, yes you should definitely. Especially if this is on a production network even more specifically if it's a customers production network.
It may "ease your deployment" but it wouldn't help at all if the network was breached. Please use different keys for each Radius client, it's not even a "best practice" it is purely common sense.
As Schroeder has stated it's the same thing with using different passwords for different accounts; you're only harming yourself by using the same "password". It may save you time now but it adds time to the aftermath of a breach.