Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site utcsrgv.UUCP
Path: utzoo!utcsrgv!dave
From: dave@utcsrgv.UUCP (Dave Sherman)
Newsgroups: net.unix-wizards
Subject: a thought about UNIX login security
Message-ID: <1518@utcsrgv.UUCP>
Date: Mon, 13-Jun-83 15:59:56 EDT
Article-I.D.: utcsrgv.1518
Posted: Mon Jun 13 15:59:56 1983
Date-Received: Mon, 13-Jun-83 19:12:09 EDT
Organization: CSRG, University of Toronto
Lines: 13

Back in the days of v6, login would only prompt for a password
if a valid login was given. Then people realized that that gave
away valid login names and made breaking in easier. So now login
prompts for a password whether or not the login name is valid.
But nowadays, all kinds of login names are freely available from
the net, so this protection is a little less useful.

Admittedly, most would-be break-in-ers aren't on the net, and
the net doesn't give anything approaching a complete list of
logins at a given site, but it's a thought....

Dave Sherman
Toronto