From owner-cvs-all Mon Aug 6 7:36:50 2001 Delivered-To: cvs-all@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 40EC337B403; Mon, 6 Aug 2001 07:36:35 -0700 (PDT) (envelope-from ache@nagual.pp.ru) Received: (from ache@localhost) by nagual.pp.ru (8.11.4/8.11.4) id f76EaKA59626; Mon, 6 Aug 2001 18:36:20 +0400 (MSD) (envelope-from ache) Date: Mon, 6 Aug 2001 18:36:15 +0400 From: "Andrey A. Chernov" To: Mark Murray Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libopie Makefile Message-ID: <20010806183611.B59504@nagual.pp.ru> References: <20010806002848.B47300@nagual.pp.ru> <200108061014.f76AEdZ07896@grimreaper.grondar.za> <20010806180917.A59047@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010806180917.A59047@nagual.pp.ru> User-Agent: Mutt/1.3.19i Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Aug 06, 2001 at 18:09:21 +0400, Andrey A. Chernov wrote: > quick change in case secret phrase becomes known (f.e. asking admin to > change password each time by email weakens security). It means you can't Really, any type of admin asking weakens security, not email only (which is insecure channel), because of reaction time lag. During that period intruder can use secret phrase to do harm. In expired password situation, user don't have its access during that period which is inconvenient. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message