We have a number of servers that perform different functions and every 60 days we do password refreshes. Normally this isn't an issue but we have these passwords stored in web configs all over the place (sql connections strings for example).
We thought about using powershell script to search the drives on a server for *.config that contain that user and changing the password to the new one. This would cut the task time down by a few hours easily.
I am wondering if that is even a good idea. Seems like there would be a lot of risk there. Or are there third party solutions out there, either open source or enterprise level, that would better accomplish this task?
