Path: utzoo!attcan!uunet!husc6!bloom-beacon!tut.cis.ohio-state.edu!osu-cis!att!cbnews!lvc
From: lvc@cbnews.ATT.COM (Lawrence V. Cipriani)
Newsgroups: comp.unix.wizards
Subject: Re: Password security
Message-ID: <2349@cbnews.ATT.COM>
Date: 28 Nov 88 13:51:25 GMT
References: <4449@sneaky.TANDY.COM> <32582@bbn.COM> <4655@sneaky.TANDY.COM>
Reply-To: lvc@cbnews.ATT.COM (Lawrence V. Cipriani)
Distribution: na
Organization: AT&T Bell Laboratories
Lines: 12

One enhacement to security I have seen on mainframes running UNIX(tm) is
to have a "External Security Password" that is settable by the system
administrator.  The admin will change it monthly.  Typically it is
"pronouncable but hard".  To login successfully, you have to give your
login, your password, and the ESP.  Then, if any of these is bad, you're
repompted.  This helps security by ensuring that there is at least one
hard password.  The bad part is that you have to distribute the new
password to all the users.  I like this system pretty well.

-- 
Larry Cipriani, AT&T Network Systems, Columbus OH,
Path: att!cbnews!lvc    Domain: lvc@cbnews.ATT.COM