Path: utzoo!attcan!uunet!lll-winken!ames!haven!grebyn!macom1!roth
From: roth@macom1.UUCP (Dennis Paul Roth)
Newsgroups: comp.unix.wizards
Subject: Re: Password security - Another idea
Message-ID: <4785@macom1.UUCP>
Date: 12 Jan 89 22:36:20 GMT
References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <6634@killer.DALLAS.TX.US> <329@csd4.milw.wisc.edu>
Organization: CENTEL Federal Systems, Reston, VA. 22091-1506
Lines: 24

In article <329@csd4.milw.wisc.edu>, astieber@csd4.milw.wisc.edu (Anthony J Stieber) writes:
> How about this:
> 	Each account has several passwords only one is active
> 	at a time.  On each login the next password (or phrase)
> 	is activated.  An alternative would be that at logout
> 	a password would randomly be chossen and message
> 	refering to that password would be printed for the
> 	user. (stuff deleted - DPR )

Naw, I don't like this idea at all. Too much memory power is required
from the user. There is no way I'm going to remember which password
in the sequence of passwords I used last. I'll end up having to try them 
all. I can see myself now, talking to some irate customer over the phone 
and trying time after time to get logged on so I can get at the 
information he needs. Logins failing and me not knowing if it was
because I typed in the wrong password in the sequence, or the right
password with a typo. If we make the login procedure tough enough
we'll have the ultimate in security, all the info nice and safe
because no one can get logged on to get at it!
-- 
Dennis Roth     ...grebyn!macom1!roth          Centel Federal Systems
                     roth@macom1.UUCP          11400 Commerce Park Drive
                                               Reston, VA 22091-1506
                                               703-758-7000