GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools

Trace: rfc972
rfc:rfc972

Network Working Group F. Wancho Request for Comments: 972 WSMR 

                                                          January 1986
                    Password Generator Protocol

STATUS OF THIS MEMO 

 This RFC specifies a standard for the ARPA Internet community.  Hosts
 on the ARPA Internet that choose to implement a Password Generator
 Protocol (PWDGEN) are expected to adopt and implement this standard.
 Distribution of this memo is unlimited.

BACKGROUND 

 Many security-conscious host administrators are becoming increasingly
 aware that user-selected login passwords are too easy to guess for
 even casual penetration attempts.  Some sites have implemented
 dictionary lookup techniques in their password programs to prevent
 ordinary words from being used.  Others have implemented some variant
 of a randomly generated password with mixed success.  The problem
 arises from the fact that such passwords are difficult to remember
 because they cannot be pronounced or are based on a relatively short
 cycle pseudo-random number generator.
 A version of the PWDGEN algorithm briefly described below has been in
 use for several years at a small number of sites in the Internet.
 Interest has recently been expressed at porting this algorithm to
 other sites.  However, the relatively short cycle and the resulting
 randomness of the pseudo-random number generator available on these
 sites tends to interfere with the intended result of minimizing the
 potential duplication of passwords both within a site and across
 sites when a user has access to more than one site.
 The PWDGEN Service described herein provides a means for sites to
 offer a list of possible passwords for the user to choose one from
 the first set, or optionally select from another set.  With more than
 one site offering this service, it is then possible to randomly
 select which site to use and have multiple fallback sites should that
 site be unavailable.
 Description
    The PWDGEN Service provides a set of six randomly generated
    eight-character CRLF-delimited "words" with a reasonable level of
    pronounceability, using a multi-level algorithm.  An
    implementation of the algorithm is available in FORTRAN-77 for
    examination and possible implementation by system administrators
    only.

Wancho [Page 1]

RFC 972 January 1986 Password Generator Protocol 

    The uniqueness of the generated words is highly dependent on the
    randomness of the initial seed value used.  The availability of a
    single system-wide seed, updated after each access is highly
    desireable.  Seeds based on a time-of-day clock are unacceptable.
    Seed values should be stored as values in excess of 32 bits for
    best performance.
 TCP Based PWDGEN Service
    One PWDGEN service is defined as a connection based application on
    TCP.  A server listens for TCP connections on TCP port 129.  Once
    a connection is established, the six CRLF-delimited words are
    generated and sent to the caller, and the connection is closed by
    the server. No dialog is used or required.
 UDP Based PWDGEN Service
    Another possible PWDGEN service is defined as a datagram based
    application on UDP.  A server listens for UDP datagrams on UDP
    port 129.  When a datagram is received, the six CRLF-delimited
    words are sent back in an answering datagram.

Wancho [Page 2]

/home/gen.uk/domains/wiki.gen.uk/public_html/data/pages/rfc/rfc972.txt · Last modified: 1986/01/14 17:59 by 127.0.0.1
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki