-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I think it falls under the security vs. convenience category.  Ideally, 
everyone would use a different multi-word pass phrase for every account they 
deal with.  However, that's not very convenient.  I like having the option to 
allow sites to set up using the same password for the end nodes as for the web 
site.  What I like even better is being able to generate long random passwords 
for each reservation with a way to pass that on to the remote viewer client 
(RDP, ssh, VNC, etc), but we haven't been able to solve that one yet (some 
good ideas though).

Josh

On Thursday, July 05, 2012 2:52:57 PM Henry Schaffer wrote:
> On Tue, Jul 3, 2012 at 3:15 PM, Dmitri Chebotarov <dcheb...@gmu.edu> wrote:
> > Hi
> > 
> > Would LDAP authentication be better choice? In this case password policy
> > already enforced by central LDAP server. Users would login to
> > reservations using the same credentials as for VCL front-end (which uses
> > LDAP auth) ...
> 
>   I was under the impression that having two separate passwords - the
> user's own which is used to login in to the front end (often using
> LDAP), and then the one-time password used to log into a reservation
> enhanced security by tying together the web front-end session with the
> image reservation.
> 
>   If this is correct, then perhaps using the same LDAP credentials is
> a step backwards.
> 
> --henry schaffer
- -- 
- -------------------------------
Josh Thompson
VCL Developer
North Carolina State University

my GPG/PGP key can be found at pgp.mit.edu

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAk/17dIACgkQV/LQcNdtPQOZjACff+z7iktyL933Bucz1lUBvpMV
DcoAnj46kYk/i4v7QjIZ0dJMsR6GVHQ6
=0rev
-----END PGP SIGNATURE-----

Reply via email to