Date: Mon, 3 Jun 1996 08:10:04 -0400 (EDT) From: Will Brown <ewb@zns.net> To: freebsd-security@freebsd.org, mattp@conundrum.com Subject: Re: MD5 Crack code Message-ID: <199606031210.IAA01617@selway.i.com>
next in thread | raw e-mail | index | archive | help
Trying (and hopefully failing) to Crack passwords is onne thing. An altogether other thing is cleartext passwords flying around on the net. IMHO that is the largest single risk to systems that are not firewalled. Personally I'd love to insist on Skey (or something like it). Seems to me that simply building clients (FTP, telnet, MUA's, etc.) that are "Skey aware" would go a long way. A separate Skey calculator is a level of "complexity" that many naive users seem to balk at. SecurID (for example) may be "better" because it is "two factor" but it seems like they are using that to justify a system that is far more complex than is required (backend relational databases, etc. etc.) Anybody know of work going on in this direction? In particular, cross-platform SKey aware clients? ------------------------============================----------------------- Will Brown ewb@zns.net Professional Web Design Zygaena Network Services http://www.zns.net and Hosting 216-381-6019 (voice) 216-381-6064 (fax) at reasonable prices
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606031210.IAA01617>