SCO Unix password scheme sucks!
Kenneth Herron
kherron at ms.uky.edu
Wed Dec 5 01:28:09 AEST 1990
Tim,
Did you know that they make coffee with all the caffeine taken out?
Try some, I think you'll feel better.
>Why does this system insist that it knows better than I do what passwords
>should be used on *MY* machine? This is most annoying. I have an account
>that I want to set the password for to the single letter 'a'.
It's called security. I don't know about your site, but some sites have
to protect against breakins, and that means users have to use reasonable
passwords, not stupid ones like "a".
If your site is secure against breakins then you just replace the console
getty with a shell and avoid the whole login process. Or replace passwd
with /bin/true and avoid password checking.
>The stupid thing is not even consistent! It will let me easily create an
>account with no password, which is a much bigger security problem than what I
>want to do!
If this is so easy, why put a stupid one-letter password on the account
at all? Don't say "security," it WON'T be secure.
>Am I going to have to resort to editing the encrypted password
>myself?
Yeah, you go do that.
--
Kenneth Herron kherron at ms.uky.edu
University of Kentucky (606) 257-2975
Department of Mathematics
"Never trust gimmicky gadgets" -- The Doctor
More information about the Comp.unix.sysv386
mailing list