From owner-freebsd-security Fri Jan 10 14:40:49 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C715537B401 for ; Fri, 10 Jan 2003 14:40:47 -0800 (PST) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7BDB443F1E for ; Fri, 10 Jan 2003 14:40:47 -0800 (PST) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 7CA391532E; Fri, 10 Jan 2003 14:37:46 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 7A65115213 for ; Fri, 10 Jan 2003 14:37:46 -0800 (PST) Date: Fri, 10 Jan 2003 14:37:46 -0800 (PST) From: Mike Hoskins To: security@freebsd.org Subject: Re: Unix Password Expiration Questions In-Reply-To: Message-ID: <20030110143510.F63003-100000@fubar.adept.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 7 Jan 2003, Robinson, Rick wrote: > :passwordtime=90d:\ > :warnpassword=5d:\ > And now the passwords expire if they haven't been changed after 90 days. > However I have a couple of questions. Right now once your password is > expired the system doesn't force you to change your password to a different > password. Most places I've seen do this using a 3rd party utility. These include passwd+, npasswd or epasswd. Here's a NASA article on epasswd, with references (URLs) to the other packages as well, http://www.nas.nasa.gov/Groups/Security/epasswd/article.html -- Mike Hoskins This message is RFC 1855 compliant, mike@adept.org www.adept.org/pub/rfcs/rfc1855.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message