happy new year, one security related question (UNIX) - 未名空间MITBBS历史存档

国际科技财经博客移民网络热点娱乐民生时事公众号

Redian新闻

>未名空间

>Unix - 噫吁兮，危乎高哉

happy new year, one security related question (UNIX)

happy new year, one security related question (UNIX)# Unix - 噫吁兮，危乎高哉

c*t2007-12-26 08:12

1 楼

Thank you, coconut, for always answering my questions!!
One more security related questions here and happy new year to you!!
If there is a financial application sit on UNIX (UNIX has all the necessary
password complexity, lockout...), but the application can only set the lock
out (lock out after 3 times of failure attempts. It can not enforce password
complexity because of the application limitation). Is it a big deal?
I mean is it easy for people who knows other's UNIX password to get into
that

c*t2007-12-26 08:12

2 楼

That's pretty strong security, as long as the user is not using
some trivial passwords.
As always, one concern is that an user uses the same password
on other machines that can be easily cracked, but that's not
something in control of this specific application.
There is, however, a downside to this. Because of the lock
feature, that means one need to ask to reset the password
if one makes mistake. Thus can cause some annoyances. If
one does not use it frequently, or picks a relatively difficu

【在 c********t 的大作中提到】

: Thank you, coconut, for always answering my questions!!
: One more security related questions here and happy new year to you!!
: If there is a financial application sit on UNIX (UNIX has all the necessary
: password complexity, lockout...), but the application can only set the lock
: out (lock out after 3 times of failure attempts. It can not enforce password
: complexity because of the application limitation). Is it a big deal?
: I mean is it easy for people who knows other's UNIX password to get into
: that