Path: utzoo!utgpu!watmath!clyde!att!pacbell!ames!haven!adm!smoke!ibd!heilpern
From: heilpern@ibd.BRL.MIL (Mark A. Heilpern )
Newsgroups: comp.unix.wizards
Subject: Re: Password security - Another idea
Message-ID: <244@ibd.BRL.MIL>
Date: 11 Jan 89 13:13:15 GMT
References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <6634@killer.DALLAS.TX.US> <674@ihnet.ATT.COM> <8705@bloom-beacon.MIT.EDU> <9326@smoke.BRL.MIL> <329@csd4.milw.wisc.edu>
Reply-To: heilpern@brl.arpa (Mark A. Heilpern (IBD) <heilpern>)
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 22

In article <329@csd4.milw.wisc.edu> astieber@csd4.milw.wisc.edu (Anthony J Stieber) writes:
.>How about this:
.>	Each account has several passwords only one is active
.>	at a time.  On each login the next password (or phrase)
.>	is activated.  An alternative would be that at logout
.>	a password would randomly be chossen and message
.>	refering to that password would be printed for the
.>	user.  The advantage to this is that a user would
.>	know the moment they tried to login that some one
.>	has used their account (unless all passwords were
.>	broken).


Too many people are complaining that their users can not remember 
'complicated' passwords like "bad!memory", so how can we expect them to
remember what the computer said (eluded) their next password will be?
Also, when it came time to change the password, would he have to change
all of them, or just the one last used?
-- 
 |\/|         |
 |  |   _     |<
/    \_(_(_)\_/ \______