[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security trough paranoia

>>>>> "Brian" == Brian May <bam@debian.org> writes:

    Brian> 	Minimum Password Age [0]: Maximum Password Age [9999]:
    Brian> 2 Last Password Change (YYYY-MM-DD) [2001-03-31]: Password
    Brian> Expiration Warning [7]: Password Inactive [-1]: Account
    Brian> Expiration Date (YYYY-MM-DD) [1969-12-31]:

Only problem I see with this is it involves changing the max password
age to 2 days. Yuck. Not good.

Perhaps there are limitations in the shadow file format after all.
Ideally it should be possible to say "expire the password right now,
and lock the account if it is not changed (to MD5) within 28 days."

Some hacking of the last password changed date might get this working
properly, not without interfering with current local policy though.

(sorry if anybody else has replied, to my last message but I haven't
received anything yet from this news gateway yet).
-- 
Brian May <bam@debian.org>
Reply to: