[Freeipa-devel] [PATCH] confirm password
Pete Rowley
prowley at redhat.com
Fri Sep 7 18:47:32 UTC 2007
Andrew C. Dingman wrote:
> On Fri, 2007-09-07 at 11:09 -0700, Pete Rowley wrote:
>
>>> Except that it is useful when generating accounts (especially a large
>>> number) and then printing the account information to hand to the user.
>>> We had discussed being able to generate a pdf with the account
>>> information for this purpose.
>>>
>> Generating a unique password and then printing it out for easy
>> compromise seems like something we definitely shouldn't be doing or
>> encouraging. I believe current practice of setting the initial password
>> tends to fall into two categories:
>>
>> 1) the end user is asked to type it in
>> 2) it is deterministic
>>
>
> 3) Generate an already-expired password which the user must change at
> first login.
This is a good point, passwords for new accounts should be created in
this state.
> Print the thing out and put it in their inbox. Since the
> password has to be changed on first use, any compromise will be detected
> by the user, who WILL contact the helpdesk because they want access to
> their account.
>
This is a reasonable compromise, but the difference between printing out
the password and generating a deterministic one that is based on user
data is quite small (apart from your point about regulatory bodies) - in
both cases there is an increased chance for compromise. The important
issue is being able to detect the compromise in both of these cases.
In any case, I don't think we should try to solve this problem now - it
is not clear that we would even be solving the right problem.
--
Pete