/etc/passwd consolidation
Jeff Makey
Makey at LOGICON.ARPA
Sat Mar 4 06:29:13 AEST 1989
In article <7078 at thorin.cs.unc.edu> hamilton at harrison.cs.unc.edu (Johnny Hamilton) writes:
> Optimally, this utility would distribute the encoded password
> so that our programs that search for easy-to-break passwords would
> only have to work on one encryption for each user.
Of course, this also means that *their* (the bad guys') programs that
search for easy-to-guess (and not-so-easy-to-guess) passwords would
only have to work on one encryption for each user. Actually, the only
place you would have to run your guesser is at the password server
node, since you would know that any password guessed there would be on
all the other machines as well. The bad guys would know this too,
naturally.
I hope you have taken into consideration the security risks of using
the same password on more than one machine, since this must be weighed
against the convenience of this scheme.
:: Jeff Makey
Department of Tautological Pleonasms and Superfluous Redundancies Department
Disclaimer: Logicon doesn't even know we're running news.
Internet: Makey at LOGICON.ARPA UUCP: {nosc,ucsd}!logicon.arpa!Makey
More information about the Comp.unix.questions
mailing list