Need help with password aging
Darryl P. Wagoner
dpw at lemuria.usi.com
Wed Mar 22 12:54:42 AEST 1989
This is really something that should be done in login(1) and passwd(1)
commands. If you don't have a shadow password file then use a
password aging file. I don't like time warnings as much as I do
notices. ie: you have X logins to change your passwd otherwise login
will forces you to change.
There is also other games you can play like expire the password if
more than X attempts have been made on that account. Or a password
aging based upon the number of valid logins. You get the idea.
The other thing that passwd(1) do is to check the passwd against a bad
passwd file and gcos data then reject the passwd if it matches over
X percent.
As far as keeping a history of old passwords, that one is a hard call.
I don't think that you would gain enough to make it worth while.
--
Darryl Wagoner (home) dpw at lemuria.uucp or wagoner at imokay.dec.com
Digital Equipment Corp; OS/2, Just say No!
Boxboro, Ma (w) 508-264-5586
UUCP: virgin!lemuria!dpw
More information about the Comp.unix.questions
mailing list