Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!hsi!stpstn!lerman
From: lerman@stpstn.UUCP (Ken Lerman)
Newsgroups: comp.unix.misc
Subject: Re: Login vs. typeahead
Message-ID: <5798@stpstn.UUCP>
Date: 15 Nov 90 14:11:45 GMT
References: <1990Nov13.182623.18967@smsc.sony.com> <1990Nov13.233329.8736@athena.mit.edu>
Reply-To: lerman@stpstn.UUCP (Ken Lerman)
Organization: The Stepstone Corporation, Sandy Hook, CT 06482
Lines: 29

In article <1990Nov13.233329.8736@athena.mit.edu> jik@athena.mit.edu (Jonathan I. Kamens) writes:
->In article <1990Nov13.182623.18967@smsc.sony.com>, dce@smsc.sony.com (David Elliott) writes:
->|> ... if a user tries to do this, some or all of
->|> the password they type is displayed on the screen, and then this data
->|> is ignored by getpass(), which flushes the input before it reads.
->|>
->|> What I would like to know is if there is a good reason for the current
->|> behavior, and if changing this behavior might in some way compromise
->|> the security of the system.
->
->  The flushing of typeahead is meant to prevent people from doing exactly what
->you describe.  Allowing the first characters of your password to be displayed
->on the screen as you type them is a Bad Idea (tm) and a clear security
->problem.  If the login program doesn't accept input typed before echoing is
->turned off, then people have an incentive not to type any input before echoing
->is turned off.
->
->--
->Jonathan Kamens                       USnail:
->MIT Project Athena                    11 Ashford Terrace
->jik@Athena.MIT.EDU                    Allston, MA 02134
->Office: 617-253-8085                  Home: 617-782-0710

Is there any reason why one couldn't build a login program which always
has echo turned off (and did a manual echo)?  I understand that the
echoing would be slower, but the problem of echoed passwords would be
solved.  Would that be acceptable?

Ken
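
The behaviour discussed in this thread, as an added example that is not part of any of the posts: on a pseudo-terminal, input typed while echo is still on is displayed, and whether it survives depends on how echo is then turned off. It assumes Linux (`/dev/ptmx`, `TIOCSPTLCK`, `TIOCGPTN`), uses `TCSAFLUSH` to model the flush the posts attribute to getpass(), and the names `echo_off` and `typeahead_left` and the sample input are made up for the illustration.

```c
/* Added example (Linux): does typeahead survive turning echo off?
 * "hunter2" below is constructed sample input, not a real credential. */
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <termios.h>
#include <unistd.h>

/* Clear ECHO on fd. TCSAFLUSH also discards unread input; TCSANOW keeps it. */
static int echo_off(int fd, int action) {
    struct termios t;
    if (tcgetattr(fd, &t) < 0) return -1;
    t.c_lflag &= ~(tcflag_t)ECHO;
    return tcsetattr(fd, action, &t);
}

/* On a fresh pseudo-terminal, "type" `typed` while ECHO is still on, then
 * disable echo with `action`. Returns how many typed-ahead bytes a later
 * read() would still see (-1 on error); `shown` (cap >= 1) receives what
 * the terminal displayed to the user. */
int typeahead_left(const char *typed, int action, char *shown, size_t cap) {
    int unlock = 0, left = -1;
    unsigned int n;
    char path[32];
    int m = open("/dev/ptmx", O_RDWR | O_NOCTTY);      /* keyboard/screen side */
    if (m < 0) return -1;
    if (ioctl(m, TIOCSPTLCK, &unlock) < 0 || ioctl(m, TIOCGPTN, &n) < 0) {
        close(m); return -1; }
    snprintf(path, sizeof path, "/dev/pts/%u", n);
    int s = open(path, O_RDWR | O_NOCTTY);             /* login program's side */
    if (s < 0) { close(m); return -1; }
    struct pollfd ps = { .fd = s, .events = POLLIN }, pm = { .fd = m, .events = POLLIN };
    if (write(m, typed, strlen(typed)) > 0 && poll(&ps, 1, 2000) > 0 /* line queued */
        && echo_off(s, action) == 0 && ioctl(s, FIONREAD, &left) < 0)
        left = -1;
    ssize_t got = poll(&pm, 1, 2000) > 0 ? read(m, shown, cap - 1) : 0;
    shown[got > 0 ? got : 0] = '\0';
    close(s); close(m);
    return left;
}

int main(void) {
    char shown[64];
    int kept = typeahead_left("hunter2\n", TCSANOW, shown, sizeof shown);
    int flushed = typeahead_left("hunter2\n", TCSAFLUSH, shown, sizeof shown);
    printf("echoed \"%.7s\"; unread after TCSANOW=%d, TCSAFLUSH=%d\n", shown, kept, flushed);
    return 0;
}
```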