[rsbac] User login and password options? Set minimum requiredments and maximum login failures?

Michael Decker MDecker at tesis.de
Thu Jun 29 08:25:47 CEST 2006

> 1.2 already has an optional min length and non-alphabetic char, see UM 
> kernel config. 1.3 also has a configurable history.

That is great.

> max failure is 
> not (yet) available. The question is: what do we do in this case?
> Currently, we sleep for 1s after each failure.

That is not bad...

> We could sleep 
> number-of-consecutive-failures-for-this-account seconds instead, 
> double the time with each try or disable the account.

That or only a temporary disabling. So admin can set a time (e.g. 30

Thanks a lot!

	Michael Decker
Michael Decker                      Michael.Decker at tesis.de
TESIS SYSware GmbH                      http://www.tesis.de
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0

More information about the rsbac mailing list