The present disclosure relates to security and, more specifically, to a method and system for accessing a first account using authentication information associated with a second account.
In an organization, a user or client may log into a protected network using a user or client account or a shared account. Typically, in such networks, shared accounts provide users with more rights or privileges than client accounts. In particular, shared accounts may include privileged accounts such as administrator accounts, superuser accounts, and other accounts with rights and privileges that may be used for system administration. Shared accounts may be exclusive (i.e., only one user or a limited number of users can access the shared account at any given time) or not exclusive (i.e., an unlimited or large number of users can access the shared account at the same time). Existing systems may provide users with permission to access and use a shared account with a password for that shared account. To provide security for the shared account, this password may be modified periodically.
In certain existing systems, a server may manage and control access to shared accounts. A user may be required to log or sign into the server to view a list of shared accounts that the user has authorization to access. Upon viewing the list of shared accounts, the user may check out a particular shared account in the list by selecting that particular shared account. The server then may provide a password for the particular shared account to the user. The user then may use the provided password to access the particular shared account. Once the user is done using the particular shared account, the user may then check in the particular shared account on the server.
However, in such systems, an unauthorized user may gain access to a shared account by learning the password of that shared account. Some existing systems address this problem by periodically changing the password for a shared account. Other existing systems may issue a one-time password for a shared account each time a user checks out that shared account. Nevertheless, by distributing passwords for shared accounts to users, existing systems increase the risk of unauthorized access to shared accounts. Moreover, the process that existing systems require users to undergo in order to obtain passwords for shared accounts may be burdensome and time-consuming.