Re: lock user account after 3 bad logins?

To: Eliezer Figueroa <efigueroa@hotmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: lock user account after 3 bad logins?
From: Remco Blaakmeer <remco-blaakmeer@quicknet.nl>
Date: Sun, 21 Mar 1999 16:07:07 +0100 (CET)
Message-id: <[🔎] Pine.LNX.3.96.990321160223.24403C-100000@rd31-144.quicknet.nl>
In-reply-to: <[🔎] 19990310015108.9371.qmail@hotmail.com>

On Tue, 9 Mar 1999, Eliezer Figueroa wrote:

> how do I can specify how many times a user can write a bad password 
> before the system disonect that account. And of course after the account 
> is lock, how do I unlock it.
> Get Your Private, Free Email at http://www.hotmail.com

Sorry for the late reply, but I don't think you want this. This is
extremely vulnerable to denial-of-service attacks. By just knowing
somebody's username, you can block his/her account by trying to log in
a few times as him/her with the wrong password.

Remco
-- 
rd31-144:  4:00pm  up 7 days, 22:24,  6 users,  load average: 1.20, 1.30, 1.27

Reply to:

References:
- lock user account after 3 bad logins?
  - From: "Eliezer Figueroa" <efigueroa@hotmail.com>

Prev by Date: Re: missing lsof
Next by Date: Re: Slink upgrade broke printer configuration
Previous by thread: Re: lock user account after 3 bad logins?
Next by thread: weird dependency error; please help...
Index(es):
- Date
- Thread