On Sun, Oct 07, 2007 at 06:41:25PM +0200, Lubomir Kundrak wrote: > Would the system, where an user would have to know ten passwords and > five usernames be more secure than one, where account is protected just > with the password? If yes, why don't we do that now? I'm sort of scared anybody in a security team would even ask that question as is. A system with one common password if the password is good should reduce the changes of a user forgetting it and the human tendancies to do dumb things (although there are good arguments that writing it down isn't actually that dumb in the general case) Multiple login/password sets means a breach of one system does not trigger a breach of another. This is why your credit card number isn't a good password for the local irc server or MUD. Alan -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
