Passwords
dee at cca.UUCP
dee at cca.UUCP
Fri Jun 24 12:18:59 AEST 1983
How about hacking passwd so that when you change your password it first
checks that you are really changing it and that your new password is not
in a database of old passwords. If you flunk that test, it does
nothing. If you pass, it changes your password and adds your old one to
the database. In time, combined with a few complexity and length
checks, it should make passwords pretty secure. If passwords went stale
and stopped working if you didn't change them once every N months, it
would be even better.
Donald Eastlake
dee at cca-unit
decvax!cca!dee
More information about the Comp.unix.wizards
mailing list