Xref: utzoo comp.unix.wizards:12665 news.sysadmin:1616
Path: utzoo!attcan!uunet!husc6!cmcl2!adm!smoke!gwyn
From: gwyn@smoke.BRL.MIL (Doug Gwyn )
Newsgroups: comp.unix.wizards,news.sysadmin
Subject: Re: Worm/Passwords
Message-ID: <8942@smoke.BRL.MIL>
Date: 20 Nov 88 02:34:43 GMT
References: <22401@cornell.UUCP> <4627@rayssd.ray.com> <251@ispi.UUCP> <4668@mtgzz.att.com> <22624@beta.lanl.gov>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>)
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 17

In article <22624@beta.lanl.gov> ttp@beta.lanl.gov (T T Phillips) writes:
-> And after you generate this random "pasword", no human user will be able
-> to remember it. And so your users will write the "passwords" down, paste
-> them on their terminals, ...etc.
-I don't know about other government installations installations,
-but here at Los Alamos, we are given what seem to be random
-passwords annually.  You must protect your password as you do
-your badge.  My observation is that the engineers, scientists,
-secretaries and managers seem to be able to cope with the random
-passwords without significant problems.

I don't know what your observations consist of.  Security specialists
would bet that most of those persons have written down the password
(also combinations, etc.) and that there is a significant chance that
it could be compromised undetectably.  I assume your badge has your
photo on it and other things that make it much harder to compromise
than a password.