Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 24 Jun 1996 17:38:45 +0200
From:      Jouke Dijkstra <jouke@epsilon.nl>
To:        "Jordan K. Hubbard" <jkh@time.cdrom.com>
Cc:        hackers@freebsd.org
Subject:   Re: adduser mail
Message-ID:  <31CEB685.41C67EA6@epsilon.nl>
References:  <11828.835624782@time.cdrom.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Jordan K. Hubbard wrote:
> 
> Am I alone in thinking that adduser's current default behavior of mailing
> the user their password in plaintext is somehow wrong?
> 
>                                         Jordan

This tweaks my mind. It's a users initial password. No-one can read
without knowing it. If somebody knows it, he does not have to read it.
Only someone who's hacked root can read it, but someone who did that
will not be interested in the password.. 
There is one danger though.. If the mail is send to another host by
MX records, the password can be snooped.

- Jouke



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?31CEB685.41C67EA6>