[rsbac] User login and password options? Set minimum requiredments and maximum login failures?
Michael Decker
MDecker at tesis.de
Thu Jun 29 08:25:47 CEST 2006
> 1.2 already has an optional min length and non-alphabetic char, see UM
> kernel config. 1.3 also has a configurable history.
That is great.
> max failure is
> not (yet) available. The question is: what do we do in this case?
>
> Currently, we sleep for 1s after each failure.
That is not bad...
> We could sleep
> number-of-consecutive-failures-for-this-account seconds instead,
> double the time with each try or disable the account.
That or only a temporary disabling. So admin can set a time (e.g. 30
minutes)...
Thanks a lot!
Bye,
Michael Decker
--
Michael Decker Michael.Decker at tesis.de
TESIS SYSware GmbH http://www.tesis.de
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0
More information about the rsbac
mailing list