Path: utzoo!attcan!uunet!husc6!bloom-beacon!tut.cis.ohio-state.edu!osu-cis!att!cbnews!lvc From: lvc@cbnews.ATT.COM (Lawrence V. Cipriani) Newsgroups: comp.unix.wizards Subject: Re: Password security Message-ID: <2349@cbnews.ATT.COM> Date: 28 Nov 88 13:51:25 GMT References: <4449@sneaky.TANDY.COM> <32582@bbn.COM> <4655@sneaky.TANDY.COM> Reply-To: lvc@cbnews.ATT.COM (Lawrence V. Cipriani) Distribution: na Organization: AT&T Bell Laboratories Lines: 12 One enhacement to security I have seen on mainframes running UNIX(tm) is to have a "External Security Password" that is settable by the system administrator. The admin will change it monthly. Typically it is "pronouncable but hard". To login successfully, you have to give your login, your password, and the ESP. Then, if any of these is bad, you're repompted. This helps security by ensuring that there is at least one hard password. The bad part is that you have to distribute the new password to all the users. I like this system pretty well. -- Larry Cipriani, AT&T Network Systems, Columbus OH, Path: att!cbnews!lvc Domain: lvc@cbnews.ATT.COM