Path: utzoo!utgpu!watmath!clyde!att!ulysses!smb
From: smb@ulysses.homer.nj.att.com (Steven M. Bellovin)
Newsgroups: comp.unix.wizards
Subject: Re: password aging
Message-ID: <10903@ulysses.homer.nj.att.com>
Date: 29 Nov 88 22:56:24 GMT
References: <17648@adm.BRL.MIL> <9001@smoke.BRL.MIL>
Organization: AT&T Bell Laboratories, Murray Hill
Lines: 23

In article <9001@smoke.BRL.MIL>, gwyn@smoke.BRL.MIL (Doug Gwyn) writes:
} In article <17648@adm.BRL.MIL> rbj@nav.icst.nbs.gov (Root Boy Jim) writes:
} >I happen to believe that
} >one should only choose *one* password *in their entire lifetime* and
} >stick with it until one has reason to believe it has been compromised.
}
} This should be modified somewhat; so long as the same encryption scheme
} is being used, and the password is not thought to be vulnerable to the
} standard attacks, one is sufficient until it is compromised. However,
} it would be folly to use your well-protected UNIX password on a public
} BBS, for example, because very likely the password on the BBS is NOT so
} well protected, and once it is stolen there it could be used to enter
} your supposedly more secure system. I tend to use a single (different)
} password at each level of security, one for my accounts on public BBSes
} and the like, where I don't much care if it's compromised, and one for
} each type of protection (such as UNIX crypt()) on better-protected systems.

Let me stress this further. One should also use different passwords for
different authentication domains. I don't use the same password for my
home machines as I do for other Bell Labs machines in other organizations.
I'm guarding against several things, not just the cryptographic (or other)
security of /etc/passwd, but also against boobytrapped login commands, etc.
See the Grampp/Morris paper on UNIX system security for more details.
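The reuse check implied by both posters, as an added example that is not code from the thread or from any of its authors: at password-change time, re-hash the candidate under every other domain's own scheme and salt and flag any domain where it matches. The domain names, schemes, salts and sample passwords are constructed for this example; salted and unsalted SHA-256 stand in for crypt(3) and for a weakly protected BBS scheme.

```python
import hashlib
import hmac


def hash_password(scheme: str, salt: bytes, password: str) -> str:
    """Hash `password` the way the given domain stores it (constructed schemes)."""
    if scheme == "salted-sha256":          # stand-in for a salted crypt(3)-style store
        return hashlib.sha256(salt + password.encode()).hexdigest()
    if scheme == "unsalted-sha256":        # stand-in for a "public BBS" with no salt
        return hashlib.sha256(password.encode()).hexdigest()
    raise ValueError(f"unknown scheme {scheme!r}")


def make_records():
    """Constructed credential store for one user: domain -> (scheme, salt, digest).
    The same password is deliberately reused between 'homelab' and 'bbs'."""
    return {
        "homelab": ("salted-sha256", b"hl",
                    hash_password("salted-sha256", b"hl", "r3d-w1dget")),
        "corp":    ("salted-sha256", b"cp",
                    hash_password("salted-sha256", b"cp", "bl4ck-bird")),
        "bbs":     ("unsalted-sha256", b"",
                    hash_password("unsalted-sha256", b"", "r3d-w1dget")),
    }


def find_reuse(new_password: str, target_domain: str, records) -> list:
    """Names of the other domains whose stored hash matches `new_password`.

    Salts and schemes differ per domain, so stored digests cannot be compared
    with each other; the candidate must be re-hashed under each domain's own
    parameters. Constant-time comparison avoids leaking the match via timing.
    """
    reused = []
    for domain, (scheme, salt, digest) in records.items():
        if domain == target_domain:
            continue
        candidate = hash_password(scheme, salt, new_password)
        if hmac.compare_digest(candidate, digest):
            reused.append(domain)
    return reused


if __name__ == "__main__":
    store = make_records()
    # A user picking 'r3d-w1dget' for 'corp' would be told it already serves two other domains.
    print(find_reuse("r3d-w1dget", "corp", store))
```

A real deployment would run this inside the password-change path, where the plaintext is briefly available; nothing here requires storing plaintext anywhere.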