Submitted by NEOatNHNG on Sun, 2014-02-23 05:51
On my server I usually use PAM for services that I only want to provide for internal users because then you only need to manage one password. That doesn't only mean that you have to remember only one password but also that if you change your password, it's changed everywhere. Now there are situations where such a single sign on principle might become a problem. For example if you want to have your emails on your smartphone or check your email in an internet café when travelling the world, but don't want an attacker to be able to have access to all your data if the phone gets stolen or hacked or the internet café computer is infected with a malware.
