mars-nwe/NEWS


2011-11-13 00:38:56 +01:00
------13-Feb-96---------
New alternative password strategy in mars_nwe:
There is a new entry '7' in the ini/conf file.
The user now has 4 options to choose from.
1. entry '7' = '0'.
Maximal security by forbidding unencrypted password calls,
but so far there is no way to modify passwords with client requests.
2. entry '7' = '1'.
Good security by allowing only the unencrypted change password call.
Here the user can use an old SETPASS or SYSCON program, which
changes passwords with unencrypted calls.
3. entry '7' = '8'.
Less security by allowing all unencrypted password calls.
Like 2., but the user can also use an old LOGIN program
with unencrypted passwords. Mars_nwe will accept the password
from the bindery and the system user password.
4. entry '7' = '9'.
Like 3., but in addition the routine 0x17 ufunc=0x17
(get crypt key) will always fail.
LOGIN.EXE and SYSCON.EXE will then assume that this is an old server
with only unencrypted passwords and will switch to the old unencrypted
calls.
With the unencrypted calls the clear passwords go over the
wire, so mars_nwe can compare them with the
stored bindery passwords as well as with the system passwords (crypt).
But there is one catch: passwords are always sent in uppercase
by LOGIN.EXE or SYSCON.EXE.
Mars_nwe makes three tries.
The first try is with the bindery password, the second try is with the
system user password, and the third try converts the password to
lowercase and compares it with the system user password again.
When a user changes his password, only the bindery password will
be changed.
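
The entry '7' policy and the three tries described above, as an added
sketch that is not mars_nwe's own code. The struct, the function names, the
plain-string comparisons standing in for the bindery and crypt() checks, and
the refusal of unknown entry values are all assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical record; mars_nwe's real structures and hashing differ. */
struct account {
    const char *bindery_pw; /* constructed: bindery password, plain stand-in */
    const char *system_pw;  /* constructed: stand-in for the crypt() entry */
};

enum call { CALL_LOGIN, CALL_CHANGE_PW };
enum match { NO_MATCH, MATCH_BINDERY, MATCH_SYSTEM, MATCH_SYSTEM_DOWNCASED };

/* Entry '7' policy as listed above: is this unencrypted call accepted? */
int unencrypted_call_allowed(int entry7, enum call c)
{
    switch (entry7) {
    case 1:  return c == CALL_CHANGE_PW;  /* only the change password call */
    case 8:
    case 9:  return 1;                    /* all unencrypted password calls */
    default: return 0;                    /* '0'; unknown values: assumption */
    }
}

/* Stand-in for crypt()-based verification of the system password. */
static int system_pw_ok(const struct account *a, const char *pw)
{
    return a->system_pw != NULL && strcmp(a->system_pw, pw) == 0;
}

/* The three tries, in the order the text gives them. */
enum match check_clear_password(const struct account *a, const char *sent)
{
    char lower[128];
    size_t i, n = strlen(sent);

    if (n >= sizeof lower)
        return NO_MATCH;                  /* refuse over-long input */
    if (a->bindery_pw != NULL && strcmp(a->bindery_pw, sent) == 0)
        return MATCH_BINDERY;
    if (system_pw_ok(a, sent))
        return MATCH_SYSTEM;
    for (i = 0; i <= n; i++)              /* copies the terminating NUL too */
        lower[i] = (char)tolower((unsigned char)sent[i]);
    return system_pw_ok(a, lower) ? MATCH_SYSTEM_DOWNCASED : NO_MATCH;
}
```

Because the client sends uppercase and only an all-lowercase variant is
retried, a mixed-case system password such as "Secret" matches none of the
three tries in this sketch.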