Path: utzoo!utgpu!attcan!uunet!mcvax!ukc!warwick!inmos!rob
From: rob@inmos.co.uk (Robin Pickering)
Newsgroups: comp.unix.wizards
Subject: Re: Password security - Another idea
Keywords: password security per-user password-modification
Message-ID: <669@brwa.inmos.co.uk>
Date: 5 Jan 89 17:31:24 GMT
References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <2271@pompeii.cs.swarthmore.edu> <4523@xenna.Encore.COM> <232@ibd.BRL.MIL>
Reply-To: rob@inmos.co.uk (Robin Pickering)
Organization: INMOS Limited, Bristol, UK.
Lines: 19

In article <232@ibd.BRL.MIL> heilpern@brl.arpa (Mark A. Heilpern (IBD) <heilpern>) writes:
>Here's an interesting idea:
>
>Let's assume a users password is:  physics
>This would most likely be solved in a routine dictionary search.
>
>Suppose, among the standard dot files in the home directory, there was to be
>a new one: .case . The login program is to check this file,

Why stop with case, why not specify a more general per-user password pre-
munging mechanism.  This seems quite an effective way to increase the
password search space to any party without access to the private munging
factor used.

 Rob Pickering
 
(JANET only: ROB@UK.CO.INMOS)       | Software Group, Inmos Bristol.
ARPA/UUCP:      rob@inmos.co.uk (...uunet!mcvax!ukc!inmos!rob)
(... any opinions expressed are my own.)