On Mon, 31 Aug 1998, Nicholas Bodley wrote:
> Internal script to run an MD5 check of your .*rc files? (Do it every n
> minutes as a cron(tab?) item?
>
Of course. Every week (approximately - not always at the same time
though) in fact.
> Makes me wonder about "rolling password" algorithms, that require a
> different, deterministically-created (chaos better than CRC-type basis)
> password at every logon. However, carrying around a programmable calc.
> (or other hdwe.) to generate the current password is pretty bad.
>
Yeah. IMHO that sort of thing doesn't actually add a significant amount
of security. Users will leave the calculate lying around, with
instructions scribbled on a bit of paper. If users set their own password
to something they can remember, they hopefully won't write it down, and if
there are checks in place to make sure it is not anything obvious (crack
gets run monthly) then I think that is as safe as I'm likely to get
without being unreasonable.
> I haven't yet had a PPP (or SLIP) account. The more I read, the more I
> feel that a shell server at my ISP is a fairly-decent firewall!
>
Hmm....
--
Mike <[EMAIL PROTECTED]>
If you can survive death, you can probably survive anything.
