I haven't thought about it much, but it seems you could have a password
file (maybe a CIRcular file?) for each user on the system. This file
would have their last N passwords, and the modified date of the file
would be the date their password was most recently changed.

A logon UDC could detect if the password file for that user exists. If
not create it and require a new password right then.  If the password
file exists then get it's modified date and compare that to today's
date. If greater than X days then in a loop prompt for a new password.
Validate the entered password against previous N passwords and your
other rules. Maybe run a dictionary checking program to make sure the
password is not common, etc.

Update the user-specific password file with their new password, and then
logon the user.

Or something like that...

 Jeff Vance, vCSY


> -----Original Message-----
> You won't be able to accomplish this using MPE's password scheme.
> You'll either need to find the money for Security/3000 or 
> write/creatively acquire a passwording system that sits on 
> top of MPE and can apply all the rules you want.  The 
> absolute best option is to get Security/3000 but short of 
> that maybe some on this list will have something they can 
> contribute to you.
...

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *