On 9 Apr 2001, at 7:54, wojtek@3miasto.net wrote:

> user hack=read password written on paper and glued to monitor

Restrict logins to ips or do not allow them from the outside, and the 
problem is limited to physical access to your computers. 

If you have only remote users: this is even better, one stupid cannot 
risk the security of all. 

Do not forget, that EU politicians try to get access to ISPs data. 
Although they currently request access to logfiles only, the basic 
legal structure requires only minor changes in some local 
announcements to require ISPs to give law enforcement (and other 
?) forces access to *all* user data. If they only have access to 
encrypted data, there is no need for them to access it.

mike