Re: Usability issue when forced to change password when logging in to a system

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, Jan 23, 2015 at 10:50 AM, Peter Stuge <peter@xxxxxxxx> wrote:
> John Olsson M wrote:
>> it looks like OpenSSH does not cache and copy the authentication password
> ..
>> So I am wondering if there is any reason for doing like this?
>
> Data hygiene is one.

Also, in my opinion as more of an admin than a developer, any bug in a
routine that stores psswords temporary in plain text is *begging* to
have a bug or get an unexpected modification that publishes the
passwords somewhere else.  Basically, never handle or store dangerous
information that you don't *have* to store.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux