Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!brl-adm!adm!rbj@icst-cmr.arpa From: rbj@icst-cmr.arpa Newsgroups: comp.unix.wizards Subject: Re: Unix userid conventions Message-ID: <4927@brl-adm.ARPA> Date: Thu, 12-Mar-87 18:24:39 EST Article-I.D.: brl-adm.4927 Posted: Thu Mar 12 18:24:39 1987 Date-Received: Fri, 13-Mar-87 21:42:51 EST Sender: news@brl-adm.ARPA Lines: 40 ? Until recently, userids on the Suns consisted of users' last ? names. Our IBM systems use userids which are unique 6-character ? alphanumeric codes obtained by taking a user's Social Security ? Number base 36 (or something like that). As far as the user is ? concerned, it's a random userid (e.g. QZX1RS). In the interest ? of security. the powers that be have decided to use this type of ? userid on the Sun system. Naturally, the Sun users balked. I've ? tried to reason with the system administrators, but to no avail. ? I pointed out that enforcing stricter password usage measures ? would be a better solution (e.g. password aging, computer- ? generated passwords, minimum length passwords, etc). I notice ? that nearly every contributor to unix-wizards has a userid which ? consists of either the user's last name, first name, initials, or ? some combination of these. Surely you guys are concerned with ? security?! (the response I got was that csnet users are all ? university types (and I guess I was supposed to assume that ? university types aren't security-conscious)). ? ? Can anyone come to my defense? Thanks for your time. Sounds like the EDS bozos. Pretty brain-damaged, eh? All you can do is play their game. As mike@brl suggested, get that report. All you other groovy people commenting on this have missed the point: Merely *knowing* that a given user has an account on a machine provides a clue as to where to look. Anonymity provides some `security'. Tell them it's a violation of your privacy to use your SSN as an input to a function. Just wait till those suckers find out the password file is readable :-) (Root Boy) Jim "Just Say Yes" Cottrell Why did Paul Simon name his album after Elvis Presley's house? Disclaimer: I speak for myself. NBS doesn't necessarily think likewise of EDS, but just the same, I haven't seen any of them working on any of our contracts either. P.S. Say HI to Myron Ginsberg for me.