Path: utzoo!utgpu!watmath!clyde!att!occrsh!occrsh.ATT.COM!scsmo1.UUCP!tim From: tim@scsmo1.UUCP Newsgroups: comp.unix.wizards Subject: Re: Here's a *BRILLIANT* password idea! Message-ID: <2400003@scsmo1.UUCP> Date: 3 Dec 88 04:54:00 GMT References: <438@amanue.UUCP> Lines: 26 Nf-ID: #R:amanue.UUCP:-43800:scsmo1.UUCP:2400003:000:1071 Nf-From: scsmo1.UUCP!tim Dec 2 22:54:00 1988 >But, in the UK at least, if you abort the 'login' attempt after the 2nd >attempt (there is a button to do this), you get your card back, and can >then try again immediately. Thus you have an unlimited number of attempts. >I have not tried this on a machine in the US. This will work in the U.S. Some machines will kick the card out after 3 incorrect tries. One machine I tried 8 times, it didn't take the card, but later after the card had been slightly mutated it took it. I had the number changed on my card, there was an ibm pc connected to a card reader. I typed in the number (on a seperate keypad) and the banker slid the card back through the card reader. The pc was _NOT_ connected to anything. >This no longer has much to do with Unix. But it does have to do with money. How about terminals that have card readers? The biggest security problem is users that don't think about security problems, They tell other users their passwords (the don't like using paths to get files) Tim Hogard tim@scsmo1.uucp Soil Conservation Service.