Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!ucsd!ucbvax!SUN.COM!gww
From: gww@SUN.COM (Gary Winiger)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: password aging (from worm discussion)
Message-ID: <8811100214.AA06002@marduk.Sun.COM>
Date: 10 Nov 88 02:14:10 GMT
References: <8811070715.AA05179@gyre.umd.edu>
Sender: usenet@ucbvax.BERKELEY.EDU
Reply-To: gww@Sun.COM (Gary Winiger)
Organization: Sun Microsystems, Mountain View
Lines: 23

In article <8811070715.AA05179@gyre.umd.edu> chris@GYRE.UMD.EDU (Chris Torek) writes:
>
>At any rate, we intend to implement shadow password files here (at U of
>MD CSD) if Berkeley does not get to it first.  The way the worm breaks
>Unix passwords is by efficiently implementing the Unix `salted' DES
>encryption (possibly the worm's author simply used Bob Baldwin's code),
>
>We already enforce `hard to guess' passwords---dictionary checking is
>in 4.3BSD-tahoe, and we had been using similar checking earlier---and,

Chris,
	Some time in Jan, I posted a set of mods to 4.3 that I did while at
ELXSI (with their permission) to implement shadow password files, password
aging, and stronger password criteria.  The were posted to alt.sources
with a note in comp.bugs.4bsd.  I also sent a copy to Keith Bostic.  You
may  wish to look at that.  If it doesn't meet you needs, it might serve
as a starting point and illustrate a possible approach.  If you'd  like to
get a copy, drop me a note and I'll return the shars by mail.

Gary..
gww@Sun.COM

P.S. I'll be traveling  from 14 - 20 Nov. so replies won't happen until 21 Nov.