Path: utzoo!attcan!uunet!lll-winken!ames!killer!rpp386!jfh
From: jfh@rpp386.Dallas.TX.US (John F. Haugh II)
Newsgroups: comp.unix.wizards
Subject: Re: Password security - Another idea
Summary: Already been suggested ...
Message-ID: <10771@rpp386.Dallas.TX.US>
Date: 7 Jan 89 14:59:38 GMT
References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <4537@xenna.Encore.COM> <4547@xenna.Encore.COM> <2338@cuuxb.ATT.COM> <900@eta.unix.ETA.COM>
Reply-To: jfh@rpp386.Dallas.TX.US (John F. Haugh II)
Organization: River Parishes Programming, Dallas TX
Lines: 21

In article <900@eta.unix.ETA.COM> bstrand@woods.unix.eta.com (Brad Strand) writes:
|The idea would be for the system to replace the "password:" prompt
|with a prompt more like, "How about C?", where C is some reasonably
|small (maybe 16-bit) random "Challenge" number generated by the system.
|The user must then apply his/her pass-function to this particular C,
|and enter the resulting F(C).  Example:
|
|   login: <bstrand>
|   How about 1204? <4819>
|   Welcome, Brad!   ... etc.

A similiar sort of program was posted to the net some time last year
by Phil Karn [ KA9Q ].

It was V10i031 in comp.sources.unix and should be available from your
nearest comp.sources.unix archive.
-- 
John F. Haugh II                        +-Quote of the Week:-------------------
VoiceNet: (214) 250-3311   Data: -6272  |"Now with 12 percent less fat than
InterNet: jfh@rpp386.Dallas.TX.US       | last years model ..."
UucpNet : <backbone>!killer!rpp386!jfh  +--------------------------------------