[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Schema for password aging, reuse prevention?
tir, 30.03.2004 kl. 18.39 skrev Chris Shenton:
> We're doing an application which uses OpenLDAP for account management.
> I have a GUI that enforces NASA policy on password complexity but have
> no way to store last-change-date or previously-used-password info
> which is required by our policy to:
>
> 1) Enforce password aging
> 2) Not allow users to use re-use their last 10 passwords.
> 3) Lock a users account after 3 failed logins.
>
> Are any of you folks aware of an existing published schema which will
> allow me to store dates, previous passwords (SHA hash OK), needed to
> implement password aging and reuse prevention?
It would seem that Padl is going ahead with this kind of thing under
pam_ldap. Especially draft-behera-ldap-password-policy-07. Lists are at
www.padl.com.
--Tonni
--
mail: billy - at - billy.demon.nl
http://www.billy.demon.nl