In message 19990423174847.18242.qmail@ns.gbnet.net, James R Grinter writes :
On Fri 23 Apr, 1999, Colin Johnston colinj@uk.psi.com wrote:
I understand the need to distribute pdf docs as there are useful for administration but password info in clear text could be overcome by encrypting the pdf's stored online(and in the binary distrib) and doing decryption of pdf info if required.
Much better to be so open about default passwords that no one mistakenly believes it could be kept secret, then people *will* change the default passwords. I almost feel compelled to go and compile a list of all default passwords for all software and hardware known to mankind (but someone has probably already beaten me to it.)
I'd bet money on it.
Security through obscurity is weak at best. (Not sure whose quote I'm butchering.)
jason