[Labs-l] 2-factor shell auth (was:second attempt to request alternative login server)
Jeremy Baron
jeremy at tuxmachine.com
Wed Mar 6 19:15:06 UTC 2013
On Wed, Mar 6, 2013 at 7:12 PM, Petr Bena <benapetr at gmail.com> wrote:
> Do you know that we are talking about labs and not production? I don't
> want to look like some insecure-stuff loving guy - but why in the
> world someone wanted to brute force into labs?
Why invite them to?
> If I was hacker and I
> wanted to get into labs - I would just request an account and I would
> get it...
Also, some parts of labs may have different security needs than
others. Brute forcing a password gets you access to what that user
already has access to. Making a new account starts you out with almost
no access.
> Do we need some high tech security here?
What does it hurt?
More information about the Labs-l
mailing list