What should the password/security/userinfo/login system include?

Peter da Silva peter at ficc.uu.net
Fri Dec 15 06:45:40 AEST 1989


In article <10665 at unix.UUCP> ram at attcan.UUCP (Richard Meesters) writes:
> In article <7284 at ficc.uu.net>, peter at ficc.uu.net (Peter da Silva) writes:
> > Password aging makes it more likely that a user will use the same password
> > on a large number of machines, simply because it increases the number of
> > things that user needs to remember.

> Huh?  Maybe I'm not reading this right.  Users will naturally gravitate to
> using the same password on multiple systems, IMHO, for the same reasons you
> have listed above.

If the user is conscientious, then they will use different passwords up
to some limit. The more frequently they have to switch to a new password,
the fewer machines they'll be willing to have unique passwords on.

If the user is not conscientious, they'll use the same password everywhere
and minimise the effect of aging by using (say) "secret1" then "secret2",
or toggle between two passwords, or otherwise work around the password aging.

So, at best password aging doesn't improve security. At worst, it
reduces it.

When the system makes *me* change, I then change back to the old one. And
change passwords on my schedule.

> > 	* Stripping everything from the password file but name, password,
> > 	  user id, and home.

> This looks a lot like what 386 unix already does with /etc/shadow and the
> password file.

Nah, this puts *more* stuff in the password file. All the old stuff, plus
password aging.
-- 
`-_-' Peter da Silva. +1 713 274 5180. <peter at ficc.uu.net>.
 'U`  Also <peter at ficc.lonestar.org> or <peter at sugar.lonestar.org>.
"It was just dumb luck that Unix managed to break through the Stupidity Barrier
and become popular in spite of its inherent elegance." -- gavin at krypton.sgi.com

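The workarounds described above (bumping a suffix from "secret1" to "secret2", toggling between two passwords) are exactly what a change-password step can refuse. The following is an added illustration, not code from the post: it models a change step that sees the current password in clear (the user types it) but holds only salted hashes of retired ones, so near-variants can be caught against the current password while earlier ones can only be matched exactly. `PasswordChanger`, `base_form` and the PBKDF2 history store are my assumptions.

```python
import hashlib
import os
import re
from collections import deque


def base_form(pw: str) -> str:
    """Normalise a password for variant detection: lower-case, drop punctuation,
    strip a trailing run of digits, so 'Secret-2!' and 'secret1' both give 'secret'."""
    norm = re.sub(r"[^a-z0-9]", "", pw.lower())
    return norm.rstrip("0123456789")


def is_trivial_variant(old: str, new: str) -> bool:
    """True for 'secret1' -> 'secret2', 'Secret' -> 'secret!' and similar rotations.
    An all-digit/all-punctuation base is not comparable, so those fall through."""
    ob = base_form(old)
    return ob != "" and ob == base_form(new)


def _hash(pw: str, salt: bytes) -> bytes:
    # Standard-library PBKDF2 stands in for whatever slow password hash the site uses.
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 100_000)


class PasswordChanger:
    """Assumed model of a change-password step: current password in clear,
    retired passwords kept only as (salt, hash) pairs, newest last."""

    def __init__(self, initial: str, history_depth: int = 5):
        self.current = initial
        self.history = deque(maxlen=history_depth)

    def check(self, candidate: str):
        """Return None if the candidate is acceptable, otherwise the reason it is not."""
        if candidate == self.current:
            return "same as current password"
        if is_trivial_variant(self.current, candidate):
            return "trivial variant of current password"
        # Retired passwords exist only as hashes: exact reuse is detectable, variants are not.
        for age, (salt, digest) in enumerate(reversed(self.history), start=1):
            if _hash(candidate, salt) == digest:
                return f"reuses password retired {age} change(s) ago"
        return None

    def change(self, candidate: str) -> bool:
        """Apply the change if check() passes; retire the old password as a salted hash."""
        if self.check(candidate) is not None:
            return False
        salt = os.urandom(16)
        self.history.append((salt, _hash(self.current, salt)))
        self.current = candidate
        return True
```

The history check only ever catches exact reuse, which is why the variant test has to run against the password the user is retiring right now.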