[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Expired password notification
Pierangelo Masarati skrev, on 16-01-2008 15:18:
[...]
Another approach could be to inform users via e-mail.
But what if users don't read emails until password expiration?
Hehe ... at my Amsterdam high school (supposedly populated by
way-above-average IQ kids and teachers) site I run OL ppolicy. Passwords
en masse are coming up for renewal in February.
I have about 100 Dutch/immigrant kids out of about 800 who never read
their mail and nothing on earth will ever make them. I have around 80
teachers and 30 staff who can be forced to read their mail. I have a
super system whereby everyone can send a VERP mail to himself and get
back 6 password suggestions that pass the stringency test (very strict).
But what's the good if they don't ever read their mail, their mail
quotas are exceeded or whatever?
At the moment the Linux/Samba login screens tell them to contact "their
administrator". Supposing we're all 3 of us administrators sick or dead
or something?
I had thought about writing a shell (Perl's not necessary, I already do
half of this in shell) script that looks at whether they've read their
mail or not for the last week or so and if they haven't, refuse them any
further authentication. But I haven't got that far yet.
--Tonni
--
Tony Earnshaw
Email: tonni at hetnet dot nl