Date: Tue, 10 Mar 1998 16:40:30 -0800 From: Mike Smith <mike@smith.net.au> To: Mark Mayo <mark@vmunix.com> Cc: Andrzej Bialecki <abial@nask.pl>, tcobb@staff.circle.net, hackers@FreeBSD.ORG, msmith@FreeBSD.ORG Subject: Re: PAM? Message-ID: <199803110040.QAA20827@dingo.cdrom.com> In-Reply-To: Your message of "Tue, 10 Mar 1998 19:35:48 EST." <19980310193548.10374@vmunix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Kerberos? > > I've been using v4 here for ages, and it works swell. Haven't tried > v5 (actually don't even know if it's available under FreeBSD). Yes. > What do "SecurID tokens" give you that Kerberos doesn't?? Since NT is > going the way of Kerberos, I'm imagining that in a few years, Kerberos > style authentication will be all that really matters... :-) SecurID uses a physical token (like a credit-card calculator) which displays a random number which changes every so often. You use the number as a password. Because the server knows the sequence, it can make allowances for time drift in the cards. Guessing the sequence from a set of sample passwords is meant to be very difficult. This is relatively more secure than Kerberos, but still involves a "trusted host". -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199803110040.QAA20827>