I want to allow anyone to log into my account on a server. To accomplish this, I would have an account with a simple password. Then, in the .bash_profile file, I'd have this line:

perl "login.pl"
[download]

The login.pl file would hold the following code:

#!/usr/bin/perl
$SIG{TSTP} = 'IGNORE';

system "stty -echo";
system "clear";

print "Enter Password: ";
$input = <STDIN>;
chomp $input;

open FILE, "<.admin";
@passwd = <FILE>;
chomp @passwd;
close FILE;

($nil, $passwd) = split(":", $passwd[0]);
$input = crypt($input, substr($passwd, 0, 2));

if ($input ne $passwd) {
system "clear";
system "stty echo";
print "Enter URL: ";
$url = <STDIN>;
chomp $url;
system "lynx $url";
exec "login.pl";

} else {

for $i (1 .. $#passwd) {
system "clear";
print "Enter Password: ";
$input = <STDIN>;
chomp $input;
($nil, $passwd) = split(":", $passwd[$i]);
$input = crypt($input, substr($passwd, 0, 2));
if ($input ne $passwd) { while (1) { system "clear"; print "Enter Pass
+word: "; $
a = <STDIN>; } }
}

system "stty echo";
system "clear";
print "Passwords Correct\n\n";
exit;
}
[download]

The .admin file looks something like this:

user1:password1
user2:password2
user3:password3
user4:password4
user5:password5
[download]

To sum it up, if the user does not enter the first correct password, it allows the user to only use lynx. The reason for the encrypted passwords is because anyone can look at the source of the script using lynx... Just pressing "g -> /home/user/login.pl" allows them to do so. I added the while loop in there so that if after the first password is entered correctly, the user has no idea whether or not the next 4 passwords are right! (Of course, this sucks for me if I enter one wrong!) The question is, anyone can also view the .admin file... Is 5 passwords enough (they are all VERY different in style and length). All I want to know is, do I risk any danger with this method of protection if I change the 5 passwords every week?