-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I think it falls under the security vs. convenience category. Ideally, everyone would use a different multi-word pass phrase for every account they deal with. However, that's not very convenient. I like having the option to allow sites to set up using the same password for the end nodes as for the web site. What I like even better is being able to generate long random passwords for each reservation with a way to pass that on to the remote viewer client (RDP, ssh, VNC, etc), but we haven't been able to solve that one yet (some good ideas though).
Josh On Thursday, July 05, 2012 2:52:57 PM Henry Schaffer wrote: > On Tue, Jul 3, 2012 at 3:15 PM, Dmitri Chebotarov <dcheb...@gmu.edu> wrote: > > Hi > > > > Would LDAP authentication be better choice? In this case password policy > > already enforced by central LDAP server. Users would login to > > reservations using the same credentials as for VCL front-end (which uses > > LDAP auth) ... > > I was under the impression that having two separate passwords - the > user's own which is used to login in to the front end (often using > LDAP), and then the one-time password used to log into a reservation > enhanced security by tying together the web front-end session with the > image reservation. > > If this is correct, then perhaps using the same LDAP credentials is > a step backwards. > > --henry schaffer - -- - ------------------------------- Josh Thompson VCL Developer North Carolina State University my GPG/PGP key can be found at pgp.mit.edu All electronic mail messages in connection with State business which are sent to or received by this account are subject to the NC Public Records Law and may be disclosed to third parties. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEARECAAYFAk/17dIACgkQV/LQcNdtPQOZjACff+z7iktyL933Bucz1lUBvpMV DcoAnj46kYk/i4v7QjIZ0dJMsR6GVHQ6 =0rev -----END PGP SIGNATURE-----