Date: Wed, 06 Aug 2003 17:35:32 -0400 From: Chuck Swiger <cswiger@mac.com> To: Michael Carlson <mcarlson@m87-blackhole.org> Cc: freebsd-questions@freebsd.org Subject: Re: locking out user accounts after 3 login failures... Message-ID: <3F3174A4.1050704@mac.com> In-Reply-To: <20030806130814.B16596@server.internal.m87-blackhole.org> References: <20030806130814.B16596@server.internal.m87-blackhole.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Carlson wrote: > My work requires mutliple user systems to automatically lock out a user > account after 3 login authentication failures. I am running 5.1 and I have > not seen anything like this in PAM or login.conf (though the is the > login-backoff option, but thats not exactly what I want). Ugh. Explain what "denial of service" means by asking your boss what happens if and when an annoyed employee enters the boss'es username and locks him out? It's reasonable to want to improve the security of reusable passwords, but that's the wrong approach. Your boss should consider biometrics or smart cards (SecurID)... -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F3174A4.1050704>