next up previous
Next: User Problems: Up: Different logins for different Previous: Security Measure:

Security Goals:

By requiring a separate username/password pair for each system, any successful attack will be limited to one system rather than compromising the whole.

In some instances, this is not so much a goal as laziness or lack of knowledge on the part of the administrators. It is often much easier, from an administration standpoint, to have separate logins. And, of course, some systems are run by different organizations that can't or shouldn't share information (for example, work email vs a free webmail service such as Hotmail).

Terri 2004-01-05