From owner-freebsd-security Sat Jan 13 19:51:47 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail.ipfw.org (cr308584-a.wlfdle1.on.wave.home.com [24.114.52.208]) by hub.freebsd.org (Postfix) with ESMTP id B5D7437B400 for ; Sat, 13 Jan 2001 19:51:29 -0800 (PST)
Received: from apollo (apollo.objtech.com [192.168.111.5]) by mail.ipfw.org (Postfix) with ESMTP id 1948D312D; Sat, 13 Jan 2001 22:51:25 -0500 (EST)
Date: Sat, 13 Jan 2001 22:51:24 -0500
From: Peter Chiu
X-Mailer: The Bat! (v1.49)
Reply-To: Webbie
X-Priority: 3 (Normal)
Message-ID: <58623706.20010113225124@ipfw.org>
To: "Crist J. Clark"
Cc: Frank Tobin , cjclark@alum.mit.edu, Dru ,
Subject: Re[2]: opinions on password policies
In-reply-To: <20010113165021.I97980@rfx-64-6-211-149.users.reflexco>
References: <20010113165021.I97980@rfx-64-6-211-149.users.reflexco>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Saturday, January 13, 2001, 7:50:21 PM, you wrote:

CJC> On Sat, Jan 13, 2001 at 05:35:51PM -0600, Frank Tobin wrote:
>> While this may not be applicable to your situation, I feel that the best
>> policy is to demand public-key authentication. The reason for this is to
>> limit the human factor, not demanding the user remember yet another unique
>> password. If forced to remember another password, most users (including
>> myself) will often re-use a password they use at another place.
>>
>> If your system is compromised, you do not want to help the attackers, who are
>> now likely, get into other accounts the user might have other places
>> because they reused the password. On the flip side, it would be best that
>> if the user was compromised someplace else, it won't help the attackers
>> use the authentication information to get into the victim's account on
>> your system. Public-key systems prevent this sort of "chain-reaction"
>> account breakage.
CJC> I am not sure I understand your argument here. In your system, how does
CJC> the _user_ authenticate himself? Biometrics? HW token? Smart card?
CJC> Really, no passwords?

I think he means using a public-key pair without a passphrase. I could be wrong though.

However, if the box that stores the private key is compromised, all other remote boxes that use that key pair are in danger.

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
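A defender's check for the passphrase-less key case raised in this reply, added here as an example that is not part of the thread: it reads only the envelope of a private key file (the cipher and KDF names in an OpenSSH-format key, or the Proc-Type header of a legacy PEM key) and flags keys stored without a passphrase. The sample envelopes are constructed inline and carry no real key material.

```python
import base64
import struct

# OpenSSH private key files start with this magic, followed by SSH wire-format
# strings (uint32 big-endian length + bytes) naming the cipher and the KDF.
# An unencrypted key records "none" for both, so protection can be read
# without touching the secret part.
OPENSSH_MAGIC = b"openssh-key-v1\x00"
PEM_LABELS = ("-----BEGIN RSA PRIVATE KEY-----", "-----BEGIN DSA PRIVATE KEY-----",
              "-----BEGIN EC PRIVATE KEY-----", "-----BEGIN PRIVATE KEY-----")

def _ssh_string(b):
    return struct.pack(">I", len(b)) + b

def _read_string(buf, off):
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def make_openssh_envelope(cipher, kdf):
    """Constructed sample: only the envelope prefix of an OpenSSH key file."""
    blob = (OPENSSH_MAGIC + _ssh_string(cipher) + _ssh_string(kdf)
            + _ssh_string(b"") + struct.pack(">I", 1))
    b64 = base64.b64encode(blob).decode()
    return "-----BEGIN OPENSSH PRIVATE KEY-----\n%s\n-----END OPENSSH PRIVATE KEY-----\n" % b64

def private_key_protection(text):
    """Return 'encrypted', 'unencrypted' or 'unknown' for a private key file."""
    lines = [l.rstrip("\r") for l in text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        return "unknown"
    label = lines[0]
    if label == "-----BEGIN OPENSSH PRIVATE KEY-----":
        body = "".join(l for l in lines[1:] if not l.startswith("-----"))
        try:
            blob = base64.b64decode(body)
            if not blob.startswith(OPENSSH_MAGIC):
                return "unknown"
            cipher, off = _read_string(blob, len(OPENSSH_MAGIC))
            kdf, _ = _read_string(blob, off)
        except (ValueError, struct.error):
            return "unknown"
        return "unencrypted" if cipher == b"none" and kdf == b"none" else "encrypted"
    if label == "-----BEGIN ENCRYPTED PRIVATE KEY-----":  # PKCS#8, always encrypted
        return "encrypted"
    if label in PEM_LABELS:
        # Legacy PEM: a passphrase shows up as a "Proc-Type: 4,ENCRYPTED" header.
        if any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in lines[1:]):
            return "encrypted"
        return "unencrypted"
    return "unknown"

def unprotected_keys(files):
    """files maps path -> contents; returns paths whose key has no passphrase."""
    return sorted(p for p, t in files.items() if private_key_protection(t) == "unencrypted")
```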