A CAC card (Computer Authorization Card???) is a ROM that plugs into a USB port and is the authentication for Windows/system logon, and everything else. It's been used for a few years now on military networks. No reason it couldn't be extended to civilian uses. "CAC" may not be entirely correct, but I believe it is. I don't have one. The user carries it around on his person like an ID card.
Password safe http://passwordsafe.sourceforge.net/ is freeware. There are lots of similar products out there. One password opens the "safe" and all usernames and passwords are used by copy/paste. I haven't done extensive research on them. Some come with security suites. Others are stand-alone products. Fred Holmes At 12:15 PM 12/29/2007, Judy Cosler wrote: >what is a CAC card?? > >what is good s/w for changing & storing p/w's? > >Fred Holmes wrote: >>Some systems will lock you out after a small number of consecutive failed >>authentication attempts. Three? Five? Ten? >> >>It would also seem possible to write code that requires the system to wait, >>say five seconds, before another attempt at a correct password may be made, >>thus making a dictionary attack impossibly long. >> >>I don't think requiring frequent change of password is worth much. >> >>Sooner or later everyone will have a CAC card, or at least banks will issue >>them for on-line banking. >> >>Fred Holmes >> >>At 09:51 AM 12/29/2007, Tom Piwowar wrote: >> >>>Passwords have to be stored on the computer or network so the OS can verify >>>what is typed in. The secure way to do this is to never store an actual >>>password, but instead a hashed version. So when a password is typed it is >>>hashed by the computer and compared to the stored version. This way there is >>>never a copy of the password that a hacker may find. The hashing programs >>>work only in one direction, so a hashed password can't be unhashed. >>> >>>This can be defeated by a dictionary attack. Every possible combination of >>>characters is hashed and the password-hash pair stored. Then the hacker only >>>has to retrieve the hashed password and look up the real password in the >>>dictionary. This was once hard to do because it took so long to create the >>>dictionary. But today such a dictionary only has to be created once and >>>lookups can easily be made via the Web, often simply Googled. >>> >>>So isn't all the fuss to force us to make up long, complicated passwords and >>>change them frequently, just a silly waste of time? What they call "security >>>theater." >>> >> >> >>************************************************************************ >>* ==> QUICK LIST-COMMAND REFERENCE - Put the following commands in <== >>* ==> the body of an email & send 'em to: [EMAIL PROTECTED] <== >>* Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name >>* Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST >>* Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L >>* New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress >>* Need more help? Send mail to: [EMAIL PROTECTED] >>************************************************************************ >>* List archive from 1/1/2000 is on the MARC http://marc.info/?l=computerguys-l >>* List archive at www.mail-archive.com/[email protected]/ >>* RSS at www.mail-archive.com/[email protected]/maillist.xml >>* Messages bearing the header "X-No-Archive: yes" will not be archived >>************************************************************************ >> >> > > >************************************************************************ >* ==> QUICK LIST-COMMAND REFERENCE - Put the following commands in <== >* ==> the body of an email & send 'em to: [EMAIL PROTECTED] <== >* Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name >* Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST >* Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L >* New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress >* Need more help? Send mail to: [EMAIL PROTECTED] >************************************************************************ >* List archive from 1/1/2000 is on the MARC http://marc.info/?l=computerguys-l >* List archive at www.mail-archive.com/[email protected]/ >* RSS at www.mail-archive.com/[email protected]/maillist.xml >* Messages bearing the header "X-No-Archive: yes" will not be archived >************************************************************************ ************************************************************************ * ==> QUICK LIST-COMMAND REFERENCE - Put the following commands in <== * ==> the body of an email & send 'em to: [EMAIL PROTECTED] <== * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] ************************************************************************ * List archive from 1/1/2000 is on the MARC http://marc.info/?l=computerguys-l * List archive at www.mail-archive.com/[email protected]/ * RSS at www.mail-archive.com/[email protected]/maillist.xml * Messages bearing the header "X-No-Archive: yes" will not be archived ************************************************************************
