A couple of random questions about login
J.Witvliet at mindef.nl
J.Witvliet at mindef.nl
Tue Sep 3 12:49:44 UTC 2013
-----Original Message-----
From: users-bounces at lists.fedoraproject.org [mailto:users-bounces at lists.fedoraproject.org] On Behalf Of Bryn M. Reeves
Sent: Monday, September 02, 2013 6:42 PM
To: Community support for Fedora users
Subject: Re: A couple of random questions about login
On 09/02/2013 04:42 PM, Bill Oliver wrote:
> My wife turned to me and said, "If I were the bad guy, I'd just have the
> computer delete everything if someone entered the boat name, or at least
> send me a text. The boat was an obvious guess, and I would never
> accidentally type it in."
This is pretty close to the concept of a duress code or panic password -
a special signal that you only give when under duress to covertly
indicate that fact:
http://en.wikipedia.org/wiki/Duress_code
There's a problem with this idea though: anyone who knows or suspects
that you are using such a booby trap and has access to the system just
has to guess the right term and they can hose your data.
-----Original Message-----
Well, there are some other points to make...
A nice way to protect your data, is to have it all in an LUKS-encrypted container, and store the key on a smartcard.
Three times wrong, and gone forever :-) Works good enough, but there is a snag:
If they hold your daughter at gunpoint, you will certainly give the correct code.
With regards to duress-login, there might be a "simple" roundabout:
For each user, create double login entries. Like "John.Doe" and "J.Doe".
Both (!) giving full access to your environment & data. Only difference is if you use the second, alarms are triggered, while you/hostages remain unharmed.....
Hw
______________________________________________________________________
Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het electronisch verzenden van berichten.
This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
More information about the users
mailing list