[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Many passwords



   Date: Wed, 7 Feb 2001 18:32:03 -0500
   From: Peter W <peterw@usa.net>

   If all the hosts can talk to the LDAP server, then wouldn't you want to use 
   the same password for all of them? Isn't that one of the selling points of 
   stuff like NIS/NDS/ActiveDirectory/LDAP? 

You might not have a choice.  On some systems the administrators make
up the passwords, and you can't change your own password.  (Usually
the theory here is that if allowed, you'll change your password to
something easy and obvious to guess.)

Or, perhaps there's one host that has excellent security, on which you
store valuable secrets, and there's another host with mediocre
security, from which passwords could more easily be stolen.  If you
use the same password, the bad guys can crack the less-secure
computer, and then log in as you on the more-secure computer.

-- Dan