new password idea
Jeff Poulin
poulin at polar.bowdoin.edu
Mon Apr 22 10:39:32 AEST 1991
I think as long as a password file is available for anyone to read, there
will be some abuse. Sure, it's dumb to use a word in the dictionary as a
password, but I've seen ridiculously complicated passwords here these past
few days. No matter how confuscated your password may be, it still boils
down to a guessing game between you and the cracker. You try to pick a
combination the cracker is not likely to try, and he (or she) will try to
outsmart you by choosing it.
If you're really worried about kids getting into your account (an adult who
tries to pick people's passwords is considered a child in my book), then
write a password program for yourself and run it from .cshrc (or
whatever). That way, even if someone breaks into your account, they
still have another password to crack before they have access to your
files. If the second password is incorrect, your password program simply logs
you out. Since the file with the password encryption resides in your account,
you don't have to worry that someone is cracking your password on some PC
somewhere.
Jeff
Jeff Poulin poulin at polar.bowdoin.edu jpoulin at bowdoin.bitnet
More information about the Comp.unix.wizards
mailing list