Forcing password change on new users...
Peter L. Peres
plp-ysDPMY98cNQDDBjDh4tngg at public.gmane.org
Fri Jan 14 17:59:15 UTC 2005
On Thu, 13 Jan 2005, James Knott wrote:
> Henry Spencer wrote:
>> On Thu, 13 Jan 2005, Christopher Browne wrote:
>>
>>>> and (b) use minor variations on it thereafter instead of making up new
>>>> ones. Both of those practices are distinctly detrimental to security.
>>>
>>> I just got forced into a password change yesterday on AIX, and
>>> discovered that I wasn't permitted to have more than 2 characters of my
>>> password be the same as the old one.
>>> I'm not quite sure how someone would come up with a "minor" variation on
>>> that...
>>
>>
>> Oh, any number of ways -- they just get creative at higher levels. For
>> example, rotate through the names of the seven dwarfs (perturbed enough
>> to satisfy criteria about nonalphanumeric characters etc.).
>
> One way to generate unique passwords, is to run "ps aux|md5sum". Now that
> the hard part is done, all you have to do, is remember the new password. ;-)
Much easier and can be regenerated at will: echo "salt$(date)"|md5
where salt is a string that you remember (like your fav. cartoon
character's name). And there is no need to type the entire output of md5
as password. Say the 5-th character on, is good. Run date with certain
options to get the date right for when you set the password.
Peter
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list