
Re: Schema for password aging, reuse prevention?



Tue, 30.03.2004 at 18:39, Chris Shenton wrote:

> We're doing an application which uses OpenLDAP for account management.
> I have a GUI that enforces NASA policy on password complexity but have
> no way to store last-change-date or previously-used-password info
> which is required by our policy to:
> 
>  1) Enforce password aging
>  2) Not allow users to re-use their last 10 passwords.
>  3) Lock a user's account after 3 failed logins.
> 
> Are any of you folks aware of an existing published schema which will
> allow me to store dates, previous passwords (SHA hash OK), needed to
> implement password aging and reuse prevention?

It would seem that Padl is going ahead with this kind of thing under
pam_ldap. Especially draft-behera-ldap-password-policy-07. Lists are at
www.padl.com.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl
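
Added illustration, not part of the original thread: a policy entry using attribute names defined in the draft-behera-ldap-password-policy series cited above, mapped to the three requirements in the question. The DN, the structural object class and the 90-day maximum age are constructed placeholders, and the entry only has an effect on a server that implements the draft.

```ldif
# Constructed example entry; dc=example,dc=com is a placeholder suffix.
dn: cn=default,ou=policies,dc=example,dc=com
objectClass: top
# pwdPolicy is auxiliary, so a structural class is needed (device is an assumption)
objectClass: device
objectClass: pwdPolicy
cn: default
# Attribute the policy applies to
pwdAttribute: userPassword
# 1) Password aging: maximum age in seconds (90 days, assumed value)
pwdMaxAge: 7776000
# 2) Reuse prevention: number of previous passwords kept in pwdHistory
pwdInHistory: 10
# 3) Lockout: lock the account after 3 consecutive failed binds
pwdLockout: TRUE
pwdMaxFailure: 3
# 0 = stay locked until an administrator resets the password
pwdLockoutDuration: 0

# State the server then maintains on each user entry (operational
# attributes from the draft, not written by the client):
#   pwdChangedTime        time of the last password change
#   pwdHistory            previously used password values
#   pwdFailureTime        timestamps of consecutive failed binds
#   pwdAccountLockedTime  time the account was locked
```

With a server-side policy like this, the last-change date and password history are kept as operational attributes on the user entry rather than in application-defined schema.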