[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: gdm Create User

From: Alan Cox <alan redhat com>
To: Lubomir Kundrak <lkundrak redhat com>
Cc: Alan Cox <alan redhat com>, Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: gdm Create User
Date: Sun, 7 Oct 2007 18:20:42 -0400

On Sun, Oct 07, 2007 at 06:41:25PM +0200, Lubomir Kundrak wrote:
> Would the system, where an user would have to know ten passwords and
> five usernames be more secure than one, where account is protected just
> with the password? If yes, why don't we do that now?

I'm sort of scared anybody in a security team would even ask that question
as is.

A system with one common password if the password is good should reduce
the changes of a user forgetting it and the human tendancies to do dumb
things (although there are good arguments that writing it down isn't actually
that dumb in the general case)

Multiple login/password sets means a breach of one system does not trigger
a breach of another. This is why your credit card number isn't a good password
for the local irc server or MUD.

Alan

Follow-Ups:
- Re: gdm Create User
  - From: Matthew Miller
- Re: gdm Create User
  - From: Douglas McClendon

References:
- gdm Create User
  - From: Richi Plana
- Re: gdm Create User
  - From: Steve Grubb
- Re: gdm Create User
  - From: Lubomir Kundrak
- Re: gdm Create User
  - From: Steve Grubb
- Re: gdm Create User
  - From: Alan Cox
- Re: gdm Create User
  - From: Lubomir Kundrak

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]