a thought about UNIX login security

Dave Sherman dave at utcsrgv.UUCP
Tue Jun 14 05:59:56 AEST 1983


Back in the days of v6, login would only prompt for a password
if a valid login was given. Then people realized that that gave
away valid login names and made breaking in easier. So now login
prompts for a password whether or not the login name is valid.
But nowadays, all kinds of login names are freely available from
the net, so this protection is a little less useful.

Admittedly, most would-be break-in-ers aren't on the net, and
the net doesn't give anything approaching a complete list of
logins at a given site, but it's a thought....

Dave Sherman
Toronto



More information about the Comp.unix.wizards mailing list