>From: Doug Hughes <Doug .
Hughes @
Eng .
Auburn .
EDU>
>Date: Fri, 8 Mar 1996 19:35:28 -0600
>I just want to point out that a random password program does have a valid
>use. We use it to generate new user accounts. A sheet prints out when
>they go to the computer to get a new account. This sheet has the students
>userid and a random password. On the sheet are instructions on how the
>student should change their password to something else and what good
>choices are. The student shows us his/her ID, we enable the account, and
>voila. We do not force users to keep these passwords. In fact, we encourage
>them to change the password.
Fair enough, but other alternatives exist.
Back when I was still running a public-access UNIX box at home, one of
the questions that would be asked of a prospective subscriber is what
the initial password was to be. (Naturally, I tried to encourage a
degree of "quality" for same....) Still, the account would be created
with that password... which would be marked "expired," which forced the
subscriber to change it.
That certainly wasn't "perfect," yet seemed to work out reasonably well
in practice.
david
--
David Wolfskill dhw @
filoli .
com
|
|
