Path: utzoo!attcan!uunet!mcsun!ukc!kl-cs!nott-cs!cat.fulcrum.bt.co.uk!masalla.fulcrum.bt.co.uk!beta.its.bt.co.uk!tjo
From: tjo@its.bt.co.uk (Tim Oldham)
Newsgroups: comp.unix.questions
Subject: Re: passwds and crypt(3)...
Message-ID:
Date: 13 Jan 90 12:49:36 GMT
References: <1990Jan3.103141.9903@gdt.bath.ac.uk> <21913@adm.BRL.MIL> <1990Jan2.222052.915@athena.mit.edu> <1990Jan3.204103.9684@athena.mit.edu> <1990Jan4.111940.18769@gdt.bath.ac.uk>
Sender: root@fulcrum.bt.co.uk (Root on Masalla)
Organization: BT Applied Systems, Birmingham, UK
Lines: 28

In article <1990Jan4.111940.18769@gdt.bath.ac.uk> exspes@gdr.bath.ac.uk (P E Smee) writes:
>
>I'd add in passing that I question the wisdom of putting 'last logged
>in at' into the startup greeting. My experience is that (as above) it
>can be useful for crackers, and that it gains you next to nothing in
>security terms, as the vast majority of legitimate users don't pay any
>attention to it at all -- just part of the noise the machine spits at
>you when you log on, to be ignored.

Certainly that's the way I feel about most last-login messages. I rarely
look at mine. However, I would say that this doesn't mean that it's
useless, or that login messages per se are useless.

At UKC, then the login messages (at least used to --- I guess they still
do) told you *where* you last logged in from (all logins were via
hardware PADs on the Cambridge ring). This was a very useful feature.
Several times people changed their passwords because ``a friend of
mine'' had accidentally used them from somewhere strange. I guess the
social scientists whose logins had been hacked found it odd that the
machine was telling them they'd last logged in from the 68000 Laboratory
when they didn't even know where it was.

On the grounds that it's minimal overhead, I think login messages are
A Good Thing.

	Tim.
--
Tim Oldham, BT Applied Systems. tjo@its.bt.co.uk or ...!ukc!axion!its!tjo
Less is more, but not as much as more.