Weblog:   500 unique root passwords
Subject:   Possible Solution?
Date:   2006-04-04 03:21:08
From:   dropbox
create 500 envelopes with a random string in each. Concatenate this string with the global key and hash the result (do this for all 500 servers). The users now need both, the global key and the key in the corresponding envelope, so everytime you have to replace the root password you only have to replace the global key. If an single envelope is opened you can replace just this envelope.

What do you think?