On Mon, 23 Nov 1998, David Holland wrote:

// Yeah, except better yet would be not using password authentication
// at all when it's not needed. If you're going to modify the programs
// anyway, one might as well do it right.

	Right, of course, being runtime configurable via some piece of
external code where I can decide for myself how various services
authenticate on my systems.  Sometimes passwords are good, most of the
time they're bad, but finding something to use in place of passwords is
generally done per-site.  I carry both SecurID and Cryptocards in my
pocket, along with two computers in my backpack with at least three
different s/key calculators among them, various RADIUS auth systems,
tacacs+, kerberos 4 *and* 5, and (yep, just verified), AFS 3.4a, and a few
other specific auth ``solutions'' that people have come up with.  That's
just my left pocket and backpack...I've got more at work I'm sure.  I'd be
happy if I only had to interface each one once, and have it work with
everything on every OS I use.  :)

--
SA, beyond.com                            The world is watching America,
pub  1024/3CAE01D5 1994/11/03 Dustin Sallings <dustin@spy.net>
|    Key fingerprint =  87 02 57 08 02 D0 DA D6  C8 0F 3E 65 51 98 D8 BE 
L________________________________________ and America is watching TV. __