Newsgroups: dbase.wishlist
Subject: Administrator Password
From: info@kanfi.com (Timo Ahjos)
Date: Sat, 08 May 1999 20:29:29 GMT

To Whom It May Concern:

I asked today in ng dbase.ide the following question:

> Can the Administrator Password be changed in VdB 7.01? 
> I don't find any advice on this from the Help file. 

Romain Strieff [dBVIPS] answered as follows:
 
> No, sorry, that password defines how the encryption is done, if you want 
> to change that, you have to decrypt all the tables and indexes, re-enter all 
> the groups and users and re-encrypt all of them with a new one.

It seems that the Administrator Password has two roles:

a) It is a password that gives access to the administrative functions,
including possibility to read all user ID's and their passwords.

b) It is a 'key' or 'seed' to the encryption algorithm used in the
system.

If that is correct, I would suggest the following amendments:

1) The importance and irreversibility of that password should be
clearly stated in the documentation. Now everybody probably thinks
that it is not important which password you start with and to whom you
demonstrate it, because it can be easily changed afterwards.

OR, rather:

2) The roles a) and b) above should be separated. For the role "b"
there could be a key that is given once and then kept in a safe place.
For the role "a" there should be an administrator password that is
easy to change any time without any other changes. It would be a good
practice in every organization that the administrator password is
changed when it has been discovered, when the administrator has
resigned, and regularly from time to time.

Timo Ahjos
http://www.kanfi.com/dbase2000/