Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!ukma!usenet.ins.cwru.edu!ncoast!allbery From: allbery@NCoast.ORG (Brandon S. Allbery KB8JRR) Newsgroups: comp.unix.sysv386 Subject: Re: SCO Unix password scheme sucks! Message-ID: <1990Dec14.044720.866@NCoast.ORG> Date: 14 Dec 90 04:47:20 GMT References: <36600@cup.portal.com> <662@hitachi.uucp> Reply-To: allbery@ncoast.ORG (Brandon S. Allbery KB8JRR) Followup-To: comp.unix.sysv386 Distribution: na Organization: North Coast Public Access *NIX, Cleveland, OH Lines: 26 As quoted from <662@hitachi.uucp> by jon@hitachi.uucp (Jon Ryshpan): +--------------- | In article <36600@cup.portal.com> ts@cup.portal.com (Tim W Smith) writes: | >> It's called security. I don't know about your site, but some sites have | >> to protect against breakins, and that means users have to use reasonable | >> passwords, not stupid ones like "a". | | SysV Unix (at least Interactive) allows you to create a password | without numerics or special chars for root or a system account at | system initialization, but it won't allow a user account to have | this kind of password. | | Explain that! +--------------- System V assumes the superuser knows what he's doing. Possibly incorrect, but hardcoding the requirements into passwd is no substitute for teaching these fledgling sysadmins how to administer a system. This is the same kind of muddy thinking that leads to "security through obscurity" braindamage. ++Brandon -- Me: Brandon S. Allbery VHF/UHF: KB8JRR on 220, 2m, 440 Internet: allbery@NCoast.ORG Packet: KB8JRR @ WA8BXN America OnLine: KB8JRR AMPR: KB8JRR.AmPR.ORG [44.70.4.88] uunet!usenet.ins.cwru.edu!ncoast!allbery Delphi: ALLBERY