Update for 02-02-22 14:45

tech/digital_authentication.wiki

@@ -22,6 +22,12 @@ Derived requirements from this,
 == means of authentication ==
 
 * password/pin
+  * ID that goes with password must be unique
+  * Vulns
+    * dictionary
+    * popular password
+    * password guessing against 1 user
+    * Social engineering password out of user
 * physical token (IE smart card)
 * static biometrics (IE finger/face)
 

tech/security.wiki

@@ -30,6 +30,7 @@ Hiding information
 
 * [[Signatures]]
 * [[digital_authentication]]
+* [[unix_password]]
 
 === Misc ===
 

tech/unix_password.wiki

@@ -0,0 +1,23 @@
+= unix password scheme =
+
+== logging in ==
+
+* Take password and salt into hash function
+* store it into a local file including
+  * user id
+  * salt
+  * hash
+
+== logging out ==
+
+* User id is fetched as well as salt
+* given password is hashed with salt
+* compare stored hash against outputted hash
+
+== Improvements ==
+
+* Use MD5 hash
+* 48 bit salt
+* password length is unlimited
+* 128bit hash
+* Uses inner loop with 1000 iterations