ADSM-L

Reply to Password Chaos with

1996-11-20 13:54:00
Subject: Reply to Password Chaos with
From: Mike Stewart <STEWAJM AT AUDUCADM.DUC.AUBURN DOT EDU>
Date: Wed, 20 Nov 1996 12:54:00 -06
*** Comments From: STEWAJM - Stewart, Mike; 11/20/96 12:50pm

Does anyone else consider it to be a terrible security
violation for the 32-bit windows client to store the
users password in encrypted form, but then provide
an option to decrypt it and list it in clear text??

That is just as bad a simply coding it in the
DSM.OPT file.  It means anyone who wanders by an
unlocked PC can obtain your user's passwords.

I really think the "display password" option should go.
<Prev in Thread] Current Thread [Next in Thread>