Path: utzoo!attcan!uunet!lll-winken!ames!haven!grebyn!macom1!roth
From: roth@macom1.UUCP (Dennis Paul Roth)
Newsgroups: comp.unix.wizards
Subject: Re: Password security - Another idea
Message-ID: <4784@macom1.UUCP>
Date: 12 Jan 89 21:51:08 GMT
References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <6634@killer.DALLAS.TX.US> <8705@bloom-beacon.MIT.EDU>
Organization: CENTEL Federal Systems, Reston, VA. 22091-1506
Lines: 21

In article <8705@bloom-beacon.MIT.EDU>, jik@athena.mit.edu (Jonathan I. Kamens) writes:
( I deleted some stuff - DPR )
> so I have
> to take that paper out of my wallet and look at it every time I login.
> How long do you think it's going to be before someone surreptitiously
> glances over my shoulder when I take it out to look at it and
> therefore gets my password?

That's a security problem of a different sort. Now your talking about some
one at the job site, in your office, looking over your shoulder. There is
no protection against an insider. An insider doesn't need to steal your 
password, he can steal your backup tapes or printouts. The insider may
already have an account on the computer and doesn't need your account.
In high security installations the most serious security breaches come
not from outsiders breaking in but from insiders selling out! If you can't
trust the people you work with your working with the wrong people.
-- 
Dennis Roth     ...grebyn!macom1!roth          Centel Federal Systems
                     roth@macom1.UUCP          11400 Commerce Park Drive
                                               Reston, VA 22091-1506
  A posting a day keeps the boredom away.          703-758-7000