On Tue, 2009-09-29 at 11:23 -0500, Tilghman Lesher wrote: > On Tuesday 29 September 2009 10:30:37 John A. Sullivan III wrote: > > Second, I believe we saw a way we could map the Asterisk password to the > > regular user password (it's been a while so I'm not sure about that) but > > were concerned about the problems of entering secure passwords from a > > phone keypad. We enforce fairly secure passwords - at least nine > > characters with some variety of characters and encourage much longer > > passwords. Having to enter lots of characters in both cases as well as > > symbols seemed difficult from a phone keypad. Thus, we decided > > (reluctantly) to use separate simple passwords for phone access instead > > of the very secure passwords we use to data access. > > I would hope that you're at least restricting your peers to be limited to a > set of IPs distinctive to your phones. Otherwise, this is a recipe for > disaster, especially if a) your registration server is accessible externally, > and b) your phones are permitted to make toll calls, especially international > numbers. > > Most good IP phones permit a method of configuration which does not require > typing a password into a keypad. You should probably learn to use that method > or switch to a phone with that ability, then use secure passwords. Phones are > just as important as data and should be supplied with complex passwords. > Thanks for the feedback. Indeed, we do restrict the SIP domains and do not allow registration from outside the internal network and we do use passwords - just not as sophisticated.
Perhaps I am being overly conscious of client simplicity. I was thinking of the case where internal users might temporarily move to another phone. Rather than pulling up the web interface to the phone, we wanted them to be able to register through the phone keypad. I suppose they would need to enter their IDs anyway and those are alpha-numeric. Thus, the entering passwords would be similar to entering the IDs. On the other hand, we do tend to use the same registration password for voicemail and meetme and those are regularly entered from the key pad. Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsulli...@opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- AstriCon 2009 - October 13 - 15 Phoenix, Arizona Register Now: http://www.astricon.net asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users