Date: Mon, 6 Aug 2001 18:30:59 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Bill Fenner <fenner@research.att.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Opie and protecting passphrases Message-ID: <20010806183056.A59504@nagual.pp.ru> In-Reply-To: <20010806001807.A47300@nagual.pp.ru> References: <200108051858.LAA15976@windsor.research.att.com> <20010806001807.A47300@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
More thoughts from another thread: Restricting opiepasswd _weakens_ security, because force user to ask admin to change password each time (f.e. when OPIE countdown goes to 0 or in case secret phrase becomes accidentally known). Any type of admin asking (by phone, by email) produce reaction time lag, in that period intruder can use secret phrase or user don't have its access. Email asking additionly transmit passwords over insecure channel. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010806183056.A59504>