Path: utzoo!utgpu!cunews!bnrgate!brtph3!brchh104!brchs1!bnr.ca!rice.edu!sun-spots-request
From: henry@zoo.toronto.edu (Henry Spencer)
Newsgroups: comp.sys.sun
Subject: Re: Password Incompatibilties
Keywords: Miscellaneous
Message-ID: <1097@brchh104.bnr.ca>
Date: 7 Jan 91 17:42:56 GMT
Sender: news@brchh104.bnr.ca
Organization: Sun-Spots
Lines: 17
Approved: Sun-Spots@rice.edu
X-Refs:  Original: v10n3
X-Sun-Spots-Digest: Volume 10, Issue 10, message 9
X-Note: Submissions: sun-spots@rice.edu, Admin: sun-spots-request@rice.edu

In article <1043@brchh104.bnr.ca> drm@gaia.gcs.oz.au (David Moline) writes:
>Anyway now with SunOS 4.1 the passwd command has options for aging and
>expiring passwords (IMHO this is a great feature)...

Actually it is a cretinous feature, unless they've considerably improved
on past implementations of it.  The idea of putting limits on password age
is good, but springing "your password is too old, I insist that you change
it *NOW*" on a user as a surprise is a devastating botch in user
interface.  The result tends to be passwords chosen in haste, i.e. poorly.

For more commentary on this, see Grampp&Morris, "UNIX Operating System
Security", Bell Labs Technical Journal, Oct 1984.  It's amazing that the
people at AT&T and Sun still do not seem to have read this well-known
paper.

If the Space Shuttle was the answer,   | Henry Spencer at U of Toronto Zoology
what was the question?                 |  henry@zoo.toronto.edu   utzoo!henry