What should the password/security/userinfo/login system include?

John F. Haugh II jfh at rpp386.cactus.org
Sun Dec 17 02:31:29 AEST 1989


In article <7311 at ficc.uu.net> peter at ficc.uu.net (Peter da Silva) writes:
>If the user is conscientious, then they will use different passwords up
>to some limit. The more frequently they have to switch to a new password,
>the fewer machines they'll be willing to have unique passwords on.

I don't know where you come up with these blanket statements.

In an ideal world, yes, the ideal user would use 8-character randomly
generated passwords.  However, studies show that more difficult
passwords tend to be written down, and once people start writing
down passwords, security goes out the window.

>If the user is not conscientious, they'll use the same password everywhere
>and minimise the effect of aging by using (say) "secret1" then "secret2",
>or toggle between two passwords, or otherwise work around the password aging.

No, real world users use the same password on all their machines so
they won't have to remember 30 or 40 different passwords.  Larry Wall
mentioned using the same salt on all of the machines as well.  Great
idea, now when is he going to write the passwd program to do that for
me ;-)

>So, at the best password aging doesn't improve security. At worst, it
>reduces it.
>
>When the system makes *me* change, I then change back to the old one. And
>change passwords on my schedule.

Then you need a new passwd program.  Real world [ read: really secure ]
passwd programs don't permit trivial changes in passwords, don't let you
recycle the old ones, and don't let you use mostly-words like "secret1".
[ See the obscure passwd detector which detects English tri-grams for more
information ]
-- 
John F. Haugh II                        +-Things you didn't want to know:------
VoiceNet: (512) 832-8832   Data: -8835  | In Ham lingo DEC is rot-13 for "Low
InterNet: jfh at rpp386.cactus.org         | Power".  "CPU?"  "QRP Vax-11."
UUCPNet:  {texbell|bigtex}!rpp386!jfh   +--------------------------------------
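As an added illustration of the checks Haugh describes (this is not code from the original post, nor from any real passwd program): a small Python password-change policy that refuses trivial edits of the old password (the "secret1" -> "secret2" case), refuses reuse of anything in a stored history (the "toggle between two passwords" case), rejects dictionary words with decoration, and flags candidates whose letter tri-grams look like English. The word list, the English sample text used to build the tri-gram table, the thresholds, and the salted PBKDF2 hash standing in for 1989 crypt() are all assumptions made for the example.

```python
"""Password-change policy checker (added example, not the original poster's code)."""
import hashlib
import hmac
import os

# Constructed stand-in for /usr/dict/words; a real checker loads the system list.
DICTIONARY = {"secret", "password", "wizard", "welcome", "letmein", "sunshine"}

# Constructed English text used to build the tri-gram table; a real checker
# would train on a much larger corpus than this one sentence.
ENGLISH_SAMPLE = (
    "the quick brown fox jumps over the lazy dog while the security engineer "
    "reads the manual writes another password program and refuses secret "
    "words trivial changes and anything that looks like plain english"
)

MIN_LENGTH = 6              # assumed policy values
MIN_EDIT_DISTANCE = 3
MAX_ENGLISH_FRACTION = 0.5
PBKDF2_ROUNDS = 100_000


def letters_only(s):
    """Lowercase alphabetic core of a string: 'Secret1!' -> 'secret'."""
    return "".join(ch for ch in s.lower() if ch.isalpha())


def trigrams(s):
    """Overlapping three-letter groups of the alphabetic core of s."""
    core = letters_only(s)
    return [core[i:i + 3] for i in range(len(core) - 2)]


# Per-word tri-grams, so we do not learn junk that straddles word boundaries.
ENGLISH_TRIGRAMS = {t for w in ENGLISH_SAMPLE.split() for t in trigrams(w)}


def english_fraction(pw):
    """Share of the password's letter tri-grams that occur in the English table."""
    grams = trigrams(pw)
    if not grams:
        return 0.0
    return sum(g in ENGLISH_TRIGRAMS for g in grams) / len(grams)


def edit_distance(a, b):
    """Levenshtein distance; catches secret1 -> secret2 style changes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_trivial_change(old, new):
    """True when the new password keeps the substance of the old one."""
    if letters_only(old) == letters_only(new):
        return True                     # secret1 -> secret2, Secret -> SECRET
    if new.lower() == old.lower()[::-1]:
        return True                     # old password reversed
    return edit_distance(old.lower(), new.lower()) < MIN_EDIT_DISTANCE


def hash_password(pw, salt=None):
    """Salted PBKDF2-SHA256; assumed modern stand-in for the crypt() of the era."""
    if salt is None:
        salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, PBKDF2_ROUNDS)


def in_history(pw, history):
    """True if pw matches any stored (salt, digest) pair; defeats toggling."""
    return any(hmac.compare_digest(hash_password(pw, salt)[1], digest)
               for salt, digest in history)


def check_change(old, new, history):
    """Return the reasons the change is refused; an empty list means accepted."""
    reasons = []
    if len(new) < MIN_LENGTH:
        reasons.append("too short")
    if is_trivial_change(old, new):
        reasons.append("trivial change from the old password")
    if in_history(new, history):
        reasons.append("reuses a previous password")
    if letters_only(new) in DICTIONARY:
        reasons.append("dictionary word plus decoration")
    if len(trigrams(new)) >= 2 and english_fraction(new) > MAX_ENGLISH_FRACTION:
        reasons.append("looks like English text")
    return reasons


if __name__ == "__main__":
    history = [hash_password("wizard99")]      # constructed prior password
    for candidate in ["secret2", "wizard99", "password!", "7kQ#vb2Lz"]:
        print(candidate, "->", check_change("secret1", candidate, history) or "accepted")
```

The history is kept as (salt, digest) pairs so old passwords are never stored in the clear; each candidate is re-hashed under every stored salt, which is cheap for a history of a handful of entries. The tri-gram table built from one sentence is only illustrative; with a real corpus the same test catches "mostly-words" that no dictionary lookup would.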