[sork] Re: [imp] poppassd - limiting access attempts
Eric Rostetter
eric.rostetter@physics.utexas.edu
Sun Oct 13 03:33:13 PDT 2002
Quoting DV Black <groups@ComputerBums.com>:
> A security question about the IMP password module:
Are you running IMP 2.x? If so, it is an IMP password module. Otherwise
it is a Horde password module.
> If we were to install the password module into IMP,
> would it be possible to limit the number of attempts
> to find and change the old password (via poppassd)?
There is no provision in the passwd module for this. So, you would need
to either find a poppassd server that supports this, or code it into either
passwd or poppassd. I don't know of any poppassd servers that support this.
My suggested way to do this would be to have a PAM based system, and have PAM
control the number of password changes per account per time period. Than
I would get a PAM enabled poppassd server. That would be the best practice
way of doing it, in the unix/VMS/PAM world at least -- you don't say which
OS the passwords are on...
> - Thanks
> Don V Black
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Why get even? Get odd!
More information about the sork
mailing list