We all know that if we could restrict the keys to the kingdom, things would work perfectly, right? Well, at least we'd only have ourselves to blame But in the old spectrum of security vs. convenience, users skew us further and further. Some modern technology like virtual systems can help us provide sandboxes where sandboxes are due, but I still feel like most of us are faced with "give me admin rights or I will root this box and not tell you I did it anyway." Similar thing with passwords - shared passwords are awful, yet we have network devices, systems, and accounts where it just happens, out of convenience or necessity.
Where do you think we are on this curve on average (and if you have any experiences you can share, feel free)? Are there things we can we do to compromise better?
I've seen some common scenarios myself where people do NOT have admin rights and then start smuggling passwords like they are illicit drugs of the network (service accounts, something the admin had written down). I even saw recently on reddit that a user had installed a rootkit to get the admin password when the admin came to help them out.
PS: Thoughts of the week might be a little sporadic, posted at 3am, or semi-coherent for a few weeks, babies sleep on nobody's schedule!