[Date Prev][Date Next] [Chronological] [Thread] [Top]

password policy - alternate lockout mechanism

To: openldap-software@openldap.org
Subject: password policy - alternate lockout mechanism
From: Aravind Gottipati <aravind@freeshell.org>
Date: Mon, 26 Jan 2009 17:02:54 -0800

Hi,

The current password policy module can lock folks out after some
configurable number of failed attempts.  The module currently does not
differentiate between a user failing with the same wrong password a
bunch of times versus a crack attempt where someone tries multiple
different wrong passwords.  Are there any modules that take into
account if the same password is being used a bunch of times or if
multiple different passwords are failing?  Could this be a useful
feature worth requesting (if it doesn't exist already)?

Thank you,

Aravind.

Follow-Ups:
- Re: password policy - alternate lockout mechanism
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Race condition when using slapo-unique?
Next by Date: LDAP Crash while replication
Index(es):
- Chronological
- Thread