On Wed, Mar 15, 2000 at 09:32:21PM +0000, powder keg wrote: > > Yes, but you gave those to us. Now, assuming these machines are running > Hurd (which they're not) if we telnet to your machine and find someone who > hasn't reset their default passwd...
There are no default passwords. Any good sysadmin won't set accounts to default passwords. > No one is going to use the Hurd if you have some sort of nonsense like an > open login shell. It's the default, not mandatory. If you don't like it, switch it off. > >Here is one for you: "root". Probably 90% of all machines have it. > > Yeah, but the root account doesn't usually have a simple password like the > average user has (birthday, mother's maiden name, etc). Educate your users or loose. Use crack to check if your users behave. > >To close the case I make the following suggestion: Double the length of the > >passwords from eight to sixteen. This has the same effect. > > This is the dumbest idea I've heard yet. If people can't remember 8-letter > passwords without scrawling it down in an obvious location, what makes you > think they'll fare any better with 16-letter ones? How do you think users will behave with a username and a password, but not with a username and a longer password? Thanks, Marcus -- `Rhubarb is no Egyptian god.' Debian http://www.debian.org Check Key server Marcus Brinkmann GNU http://www.gnu.org for public PGP Key [EMAIL PROTECTED], [EMAIL PROTECTED] PGP Key ID 36E7CD09 http://homepage.ruhr-uni-bochum.de/Marcus.Brinkmann/ [EMAIL PROTECTED]
