[Freeipa-devel] [PATCH] confirm password

Pete Rowley prowley at redhat.com
Fri Sep 7 18:09:07 UTC 2007


Karl MacMillan wrote:
> On Fri, 2007-09-07 at 10:50 -0700, Pete Rowley wrote:
>> Karl MacMillan wrote:
>>> On Thu, 2007-09-06 at 14:27 -0700, Kevin McCarthy wrote:
>>>> After some feedback from Bob and Pete, I'm removing the password
>>>> generator and adding a confirm password field.  (Just commented out for
>>>> now in case people change their mind)
>>>
>>> What was the rationale for this?
>>
>> Generating passwords requires that the password be communicated to the
>> admin in the clear which introduces shoulder surfers and screen scrapers
>> to the threat model.  In addition the password is not likely to be
>> memorable enough to not be written down somewhere, and so further
>> exposing it to risk of compromise.
>
> Except that it is useful when generating accounts (especially a large
> number) and then printing the account information to hand to the user.
> We had discussed being able to generate a pdf with the account
> information for this purpose.
>
Generating a unique password and then printing it out for easy 
compromise seems like something we definitely shouldn't be doing or 
encouraging. I believe current practice of setting the initial password 
tends to fall into two categories:

1) the end user is asked to type it in
2) it is deterministic

Both options are covered by the ui as it now is with the caveat that the 
deterministic password must be typed in.

I don't see this in the PRD, did I miss it?

-- 
Pete
