rainlance/amiga-apg
1
0
Fork 0
mirror of https://frontier.innolan.net/rainlance/amiga-apg.git synced 2025-11-21 05:56:29 +00:00
Code Releases 1 Activity
Files
bc6121451bc33b1f707b0469b338cfcf658cbcce
amiga-apg/doc/rfc0972.txt
llsth bc6121451b Initial commit
2015-03-09 16:33:08 +01:00

115 lines
3.7 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Network Working Group F. Wancho
Request for Comments: 972 WSMR
January 1986
Password Generator Protocol
STATUS OF THIS MEMO
This RFC specifies a standard for the ARPA Internet community. Hosts
on the ARPA Internet that choose to implement a Password Generator
Protocol (PWDGEN) are expected to adopt and implement this standard.
Distribution of this memo is unlimited.
BACKGROUND
Many security-conscious host administrators are becoming increasingly
aware that user-selected login passwords are too easy to guess for
even casual penetration attempts. Some sites have implemented
dictionary lookup techniques in their password programs to prevent
ordinary words from being used. Others have implemented some variant
of a randomly generated password with mixed success. The problem
arises from the fact that such passwords are difficult to remember
because they cannot be pronounced or are based on a relatively short
cycle pseudo-random number generator.
A version of the PWDGEN algorithm briefly described below has been in
use for several years at a small number of sites in the Internet.
Interest has recently been expressed at porting this algorithm to
other sites. However, the relatively short cycle and the resulting
randomness of the pseudo-random number generator available on these
sites tends to interfere with the intended result of minimizing the
potential duplication of passwords both within a site and across
sites when a user has access to more than one site.
The PWDGEN Service described herein provides a means for sites to
offer a list of possible passwords for the user to choose one from
the first set, or optionally select from another set. With more than
one site offering this service, it is then possible to randomly
select which site to use and have multiple fallback sites should that
site be unavailable.
Description
The PWDGEN Service provides a set of six randomly generated
eight-character CRLF-delimited "words" with a reasonable level of
pronounceability, using a multi-level algorithm. An
implementation of the algorithm is available in FORTRAN-77 for
examination and possible implementation by system administrators
only.
Wancho [Page 1]
RFC 972 January 1986
Password Generator Protocol
The uniqueness of the generated words is highly dependent on the
randomness of the initial seed value used. The availability of a
single system-wide seed, updated after each access is highly
desireable. Seeds based on a time-of-day clock are unacceptable.
Seed values should be stored as values in excess of 32 bits for
best performance.
TCP Based PWDGEN Service
One PWDGEN service is defined as a connection based application on
TCP. A server listens for TCP connections on TCP port 129. Once
a connection is established, the six CRLF-delimited words are
generated and sent to the caller, and the connection is closed by
the server. No dialog is used or required.
UDP Based PWDGEN Service
Another possible PWDGEN service is defined as a datagram based
application on UDP. A server listens for UDP datagrams on UDP
port 129. When a datagram is received, the six CRLF-delimited
words are sent back in an answering datagram.
Wancho [Page 2]
View Git Blame Copy Permalink