[1037] in Kerberos
Re: Trivial passwords
daemon@ATHENA.MIT.EDU (marc@ATHENA.MIT.EDU)
Wed Jun 20 00:00:47 1990
From: marc@ATHENA.MIT.EDU
To: bcn@CS.WASHINGTON.EDU (Clifford Neuman)
Cc: smb@ULYSSES.ATT.COM, kerberos@MIT.EDU
In-Reply-To: [1033] in Kerberos
Reply-To: marc@MIT.EDU
Date: Tue, 19 Jun 90 23:04:54 EDT
Another problem with having the server mandate "good" passwords is
that sometimes they are inappropriate. Demo or test accounts may
intentionally have easy-to-remember passwords. Security here isn't an
issue, because these passwords are probably widely known. If the
client does the checking, than it can be overridden by the people
setting up these kinds of accounts.
Marc
