HP3000-L Archives

February 2006, Week 2

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: passwords
From:
Greg Stigers <[log in to unmask]>
Reply To:
Greg Stigers <[log in to unmask]>
Date:
Wed, 8 Feb 2006 19:07:48 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (16 lines) 
>     Better answer: No time difference because your system should lock any
> and all accesses out after no more than 3 missed authentication attempts
> and should alert your pager via the method of your choice if your 
> threshold
> for failed attempts by bad user name is exceeded.

Doesn't this leave one vulnerable to a DOS attack? Or does the lock expire 
after some not-unreasonable interval? Something to long to make even a scan 
of a large number of users practical, but not too long to expect a user to 
make himself or herself useful without logging on.

Greg Stigers 

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2