Here's a *BRILLIANT* password idea!

[Nick Crossley]

In article <1096 at murtoa.cs.mu.oz.au> glf at munnari writes:
>From article <43034 at ccicpg.UUCP>, by nick at ccicpg.UUCP (Nick Crossley):
>> I have often wondered about the four-digit limit anyway - surely even some
>> branches must have close to 9999 accounts, let alone whole banks.  That does
>> make the code number very unique.
>
>Passwords never need be too unique as they are tied to the id of the requester
>and the methodolgy used to gain access to the protected enviroment.
>For ATM's the four digit number is reasonable
>

and another poster made a similar comment.  This does not make me feel any
happier.  If the password is not sufficiently unique, it has little value.
If all passwords were the same (the digit '1'), then loss of your ATM card
would be serious, as any person finding it could use it.  If all passwords were
drawn from a sufficiently small set, then the same applies.  This is more or
less what the Unix password debates have been about, and (presumably) what led
the original poster to comment on ATM systems.  We are trying to encourage
Unix users to use non-obvious passwords from a potentially very large set,
and there are versions of passwd which try to ensure the user does not limit
himself to a small alphabet.  At the same time, here is a much larger user base
than Unix users, trusting money to a very small password set.

I realise that there are differences; Unix users choose their own (easily
guessed) passwords, banks/computers choose those for ATMs, etc.  But...
-- 

<<< standard disclaimers >>>
Nick Crossley, CCI, 9801 Muirlands, Irvine, CA 92718-2521, USA
Tel. (714) 458-7282,  uucp: ...!uunet!ccicpg!nick