Path: utzoo!attcan!uunet!aplcen!samsung!usc!apple!bionet!agate!shelby!UMD2.UMD.EDU!ZBEN
From: ZBEN@UMD2.UMD.EDU (Ben Cranston)
Newsgroups: comp.protocols.kerberos
Subject: Re: Why is initial user authentication done the way it is?
Message-ID:
Date: 15 Jun 90 15:11:50 GMT
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 13

It occurs to me that the tgt could initially return something that is encrypted and cannot be "validated" even if the correct password be guessed. The client would be forced to do one more interaction with the tgt server, a sort of "ok, this is something you gave me decrypted with the user's password -- does it make sense to you?".

The advantage of this is that a dictionary approach would have to do one of these additional interactions for every try, and the tgt could arrange to notify human security personnel if the number of "bad password" replies exceeds a certain number within a predetermined time interval.

The disadvantage is requiring one more packet interchange per login, and the fact that it does NOT address the aforementioned tgt-spoofing attack.
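
A sketch of the exchange proposed in the post above, added here as an illustration; it is not part of the original message and is not Kerberos code. The class and function names, the XOR-with-HMAC toy cipher, the PBKDF2 string-to-key and the threshold values are all assumptions made for the example.

```python
import hashlib, hmac, os, time
from collections import defaultdict, deque

def key_from_password(password: str, user: str) -> bytes:
    # Toy string-to-key (assumption); stands in for the real derivation.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 1000)

def xor_mask(key: bytes, salt: bytes, data: bytes) -> bytes:
    # Toy cipher (assumption): XOR with an HMAC-derived pad; same call decrypts.
    pad = hmac.new(key, salt, hashlib.sha256).digest()[:len(data)]
    return bytes(a ^ b for a, b in zip(data, pad))

class ToyServer:
    def __init__(self, users, max_bad=3, window=60.0):
        self.keys = {u: key_from_password(p, u) for u, p in users.items()}
        self.max_bad, self.window = max_bad, window
        self.pending = {}               # user -> outstanding nonce
        self.bad = defaultdict(deque)   # user -> timestamps of bad replies
        self.alerts = []                # (user, time) passed to security staff

    def initial_reply(self, user):
        # A random nonce has no structure, so decrypting it with a guessed
        # key yields nothing that can be recognised as right or wrong.
        nonce, salt = os.urandom(16), os.urandom(16)
        self.pending[user] = nonce
        return salt, xor_mask(self.keys[user], salt, nonce)

    def confirm(self, user, candidate, now=None):
        now = time.time() if now is None else now
        nonce = self.pending.pop(user, None)    # one try per challenge
        if nonce is not None and hmac.compare_digest(nonce, candidate):
            return True
        q = self.bad[user]
        q.append(now)
        while q and now - q[0] > self.window:   # forget replies outside the window
            q.popleft()
        if len(q) > self.max_bad:               # "exceeds a certain number"
            self.alerts.append((user, now))
        return False

def client_login(server, user, password, now=None):
    salt, blob = server.initial_reply(user)
    guess = xor_mask(key_from_password(password, user), salt, blob)
    return server.confirm(user, guess, now)     # the one extra interaction

def demo():
    srv = ToyServer({"alice": "correct horse"})  # constructed sample account
    tries = ["123456", "password", "letmein", "qwerty"]
    results = [client_login(srv, "alice", w, now=float(i)) for i, w in enumerate(tries)]
    return results, srv.alerts, client_login(srv, "alice", "correct horse", now=10.0)
```

The sketch covers only a requester who sees the first reply; anyone who records both messages of a legitimate login can still compare them offline, and, as the post says, a spoofed server is out of scope.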