Default encrypted passwords = yes?

Esh, Andrew AEsh at tricord.com
Fri Sep 28 07:35:04 GMT 2001


Personally, I lean toward defaulting to encryption. I'd rather make it
easier for people to get it right with encryption turned on, and deal with
the less educated folks who need to be told to use encryption. I don't like
the idea of having the no-brainer method being the unencrypted one.

My main reason for this position comes from my experience with a Windows 98
bug I was working on with Chris Hertel earlier this year. I spent a lot of
time searching the Microsoft Knowledge database for *anything* which
referred to Samba. Microsoft seems to have been careful to weed out any
reference to Samba, other than a set of tech notes which all address the
same subject: How to turn off encryption in Windows so it will work with
Samba. They seem to be pointedly saying that Samba is inherently insecure,
and cannot use encryption. Microsoft doesn't give instructions for turning
ON encryption in Samba, probably because they don't want it to work. They
want the user to be faced with disabling Windows encryption, so that they
instead decide not to use Samba.

Of course all of this is my personal opinion, and may only be a figment of
my imagination (or paranoia). But since Microsoft's only reference to Samba
is on the subject of encryption, there should be an effort to get it as
right as the user will expect it to be, and not leave open the probability
that it will fail. Chances are they will then go to the Microsoft help site
(what else do they know?), and be told by Microsoft that they have to
disable Windows security. That gives Microsoft a stick to hit Samba with.
Let's take it out of their hand.

---
Andrew C. Esh                mail:Andrew.Esh at tricord.com


More information about the samba-technical mailing list