120 ;;Quote: a security system must assume that the network is controlled by an adversary; a modified Kerberos can meet this goal

121 ;;Quote: in Kerberos, all privileges depend ultimately on the user's typed password

122 ;;Quote: if a password system runs on a multi-user workstation, cached keys are accessible to attackers

123 ;;Quote: an authentication system should be independent of a time service; Kerberos assumes that clocks are roughly synchronized; an adversary could spoof an unauthenticated time service

124 ;;Quote: challenge/response is more secure than time-based authentication; based on computing some function of a nonce

124 ;;Quote: use exponential key exchange to limit password-guessing assaults

125 ;;Quote: an intruder can replace the login command and capture passwords; avoid by challenge-response or a handheld authenticator