Am 2018-03-26 10:46, schrieb Clint Dilks: > Hi, as you why it is insecure the biggest reason is that it is trivial > for > a user to get sensitive information about other users. Particularly > things > like password hashes, and with the compute power available today > cracking a > hash is not impractical. You don't even need to crack them yourself. If you have the hashes, you can just use rainbow-tables available online, sometimes for a small fee. Still relying on NIS is barely different from not having a password at all and just using a login. In both cases, you have to trust your users - it's no different.