Subject: | |
From: | |
Reply To: | Vance, Jeff H (Cupertino) |
Date: | Tue, 31 Jan 2006 10:32:26 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
I haven't thought about it much, but it seems you could have a password
file (maybe a CIRcular file?) for each user on the system. This file
would have their last N passwords, and the modified date of the file
would be the date their password was most recently changed.
A logon UDC could detect if the password file for that user exists. If
not create it and require a new password right then. If the password
file exists then get it's modified date and compare that to today's
date. If greater than X days then in a loop prompt for a new password.
Validate the entered password against previous N passwords and your
other rules. Maybe run a dictionary checking program to make sure the
password is not common, etc.
Update the user-specific password file with their new password, and then
logon the user.
Or something like that...
Jeff Vance, vCSY
> -----Original Message-----
> You won't be able to accomplish this using MPE's password scheme.
> You'll either need to find the money for Security/3000 or
> write/creatively acquire a passwording system that sits on
> top of MPE and can apply all the rules you want. The
> absolute best option is to get Security/3000 but short of
> that maybe some on this list will have something they can
> contribute to you.
...
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|
|
|