On Wed, 26 Nov 1997, R. Todd Truitt wrote:
> At 06:27 PM 11/21/97 -0800, David Lang wrote:
> >If I was telnetting in you would be correct, however I am just using the
> >serial console so there is no possibility of snooping. On other firewalls
> >there is the possibility of using a one-time password of some sort, PIX
> >does not support this.
> Actually, the PIX supports a variety of OTP solutions via RADIUS and
> TACACS+. I would use TACACS+ as this provides enhanced security.
radius and tacacs+ can be used for authenticating ftp and telnet sessions
but not for http (according to the PIX manual) this still does not apply
to the passwords for the PIX itself.