[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Locking of principales due to unsuccessfull attempts

To: heimdal-discuss@sics.se
Subject: Locking of principales due to unsuccessfull attempts
From: Mathias Feiler <feiler@uni-hohenheim.de>
Date: Tue, 7 Jun 2005 15:35:52 +0200 (MET DST)
Cc: "Dr.Dieter Mack" <mack@uni-hohenheim.de>
Sender: owner-heimdal-discuss@sics.se


I used to have KA's preauthentication with the responding ability
of locking out pricipales that got more than 10 unsuccessful
attempts of authentication (usually for 36 hour).
This way I prevent some sort of attacks. Also I can sort out the
user which stores their password (against rule)  within a client
(I get them after password change when the client tries to use
the old password).

I've been looking for that facilitie in heimdal w/o any success.
The only thing I found is this
	kadmin get_entry <principal>
	......

	                 Kvno: 6
	                Mkvno: 0
	Last successful login: never
	    Last failed login: never
	   Failed login count: 0
	        Last modified: 2005-06-03 23:48:32 UTC
  	.....

Have I been missing something  or is  it just not there?

If it isn't there jet, is it planed to introduce such a function?


Yours sincerely   Mathias Feiler

Follow-Ups:
- Re: Locking of principales due to unsuccessfull attempts
  - From: Andreas Haupt <ahaupt@ifh.de>

Prev by Date: Re: TGT forwarding when cross-realm auth?
Next by Date: Re: TGT forwarding when cross-realm auth?
Prev by thread: Re: getifaddrs/netlink problem
Next by thread: Re: Locking of principales due to unsuccessfull attempts
Index(es):
- Date
- Thread