In our university the system admins found a nice workaround for that. Every night a password cracking system is run on all user passwords (a combination of brute-force and dictionary cracking). If a password is discovered the corresponding account is disabled and the user is notified. The user must then go to the administrators and pick a new password. After doing this twice most of my fellow students were annoyed enough to pick a secure password.
In a medium/large size hospital if the system administrator does that that once he may escape... if he does that twice he have a good probability of being fired. If he somehow gets to be backed up by the hospital administrator then the Administrator will be fired, or in no time you will have the medical associations, the nurse associations, the salvation army... whatever, claiming in the TV, Radio, Newspapers that civil liberties are being menaced at that hospital...
So forget about that. At Med School we also tend to treat our students like that... they get sloppy once they get a slap on their hand, they get sloppy again, no toy and no play for a fortnight.
Alright, I agree with that now. But I still think there should be an interface to validate users with a two-key system like PGP for outside-hospital users like doctors requesting data on certain patients, what about that?
The cryptographic part of PGP as also been broken. And I am not refering to that simple thing of the S-boxes. Many people wondered, for many time, if and when the artificial intelligence panoply would ever get any real usefulness, well... it seems that a modified Neural Network did (does) the job. Don't you just love technology?
J. Antas
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Care2002-developers mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/care2002-developers
