Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!rpi!zaphod.mps.ohio-state.edu!mips!pacbell.com!pacbell!premenos!mtdiablo!seeker!chip
From: chip@seeker.MYSTIC.COM (David "Chip" Reynolds)
Newsgroups: comp.unix.wizards
Subject: Re: Passwords
Summary: Fixed passwords are as good as USELESS!
Message-ID: <1071@seeker.MYSTIC.COM>
Date: 18 Apr 91 17:43:21 GMT
References: <1991Apr12.120209.21241@mp.cs.niu.edu> <17401: Apr1307:58:0691@kramden.acf.nyu.edu> <BZS.91Apr15150237@world.std.com>
Organization: Mystic Software
Lines: 53


 With all this talk about how to make fixed passwords more secure, I see, IMHO,
a very criticle point being missed.  First, a disclaimer:

I am a programmer and a product manager for a Unix security package.  I have
some stake in what I'm posting here.  If you want unbiased, junk this now.

If you want to have accountability, or if you want to protect an account, fixed
passwords just aren't the answer.
If I do something on the system, there is NO WAY that a systems admin. can hold
me accountable.  "Someone stole my password!  They must have hacked it! KGB
spies are clearly responsible!  The dog ate it!" take your pick.

The only reasonable way to implement this is with a one-time password.

Password Books, with one-use passwords can be stolen, photocopied, lost, etc.
We use a different approach.  It's called a "super-smart card."

Using this card (we'll take one example, the MultiSync card. Which, incidentally is the only one so secure that the United States Government has put a 
secrecy order on disclosing the technology involved) the computer prompts you
for an "ID:" you enter your id name, then it gives you a "Challange" which can be anumber of digits (numeric/hex/"friendly") that is variable on how the system is set-up from 4-32.  YOu feed these into your card, and they are encrypted (a PIN can also be used as a salt, as can syncronizing the card with the 
system clock.) the card gives you back a response that you then re-enter.
Using multiple DES keys, no to challanges are ever repeated (the card has a 23
digit cipher key, after the challange-responses have been used, you change the
key) and the odds of guessing are in the area of 1 in 70 quadrillion. (assuming
full installation.)

UnixSafe  (r) is installed in your /etc/passwd file as the shell for access,
and it then allows you to define "On Access Granted" procedures.

This is an out-and-out plug for the product, but I won't bore you further.
If your interested, call/write me at my vitals below.

The point of this post being: Fixed Passwords CAN'T work. Dynamic passwords
are the only viable answer.

Thanx,

-*- DCKR -*-   David Reynolds
Blessed Be!


chip@seeker.UUCP
decwrl!prememos!chip@seeker.MYSTIC.com

root@diana.UUCP

David Reynolds
Programmer, Product Manager UnixSafe/GatewaySafe
Enigma Logic Inc.
2151 Salvio St. Suite 301
Concord Ca. 94520
(415) 827-5797