Date: Wed, 28 Feb 1996 00:11:14 -0500 (EST) From: Brian Tao <taob@io.org> To: Jim Dennis <jimd@mistery.mcafee.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Informing users of cracked passwords? Message-ID: <Pine.BSF.3.91.960228000422.20007F-100000@zip.io.org> In-Reply-To: <199602280504.VAA05385@mistery.mcafee.com>
index | next in thread | previous in thread | raw e-mail
On Tue, 27 Feb 1996, Jim Dennis wrote:
>
> According to this the standard shadow password suite has an
> option in the semantics of the /etc/shadow file to specify
> an additional or alternative authentication program (as well
> as all that password aging and account expiration stuff).
BSD/OS 2.1 has implemented login classes (defined in the pw_class
member of the standard passwd struct) to this end. It allows for
additional authentication in addition to the traditiional UNIX
password scheme (typically one-time password or challenge-response
schemes). The /etc/login.conf file lets you specify user classes, the
authentication model they follow as well as other aspects such as
maximum memory usage, maximum per-process CPU time, minimum and
maximum password lengths, etc.
It would be nice if FreeBSD could adopt this format, since this is
the first commercial use (AFAIK) of the pw_class field in a
master.passwd entry.
--
Brian Tao (BT300, taob@io.org)
Systems Administrator, Internex Online Inc.
"Though this be madness, yet there is method in't"
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960228000422.20007F-100000>