[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Locking of principales due to unsuccessfull attempts
On Wed, 8 Jun 2005, Andreas Haupt wrote:
|
|>
|> Have I been missing something or is it just not there?
|
|You didn't miss anything. It's really not there ...
|
|> If it isn't there jet, is it planed to introduce such a function?
|
|Well, years ago, I asked the same question. That time I was told that the
|current database model does not support account locking (but Love and
|Johan will probably know better...).
|
|All I can say is that you can live without it.
I know , years ago we run the ka w/o it too.
|People offending against
|the password policy can be trapped by observing log files, too.
Well thats true in terms of password policy violation even it is not a in
time detection.
It is less true in terms of half-spied passwords.
If one tries to guess the rest of the password it would take
(much) more time or it tends to come to victims attention.
Also I hate to bother my customers habit
On the other hand I know to explore my site to a dos-attack.
Maybe all in all You are right. - I'd wish to have it anyway -
|
|Greetings
|Andreas
|
|--
|| Andreas Haupt | E-Mail: andreas.haupt@desy.de
|| DESY Zeuthen | WWW: http://www.desy.de/~ahaupt
|| Platanenallee 6 | Phone: +49/33762/7-7359
|| D-15738 Zeuthen | Fax: +49/33762/7-7216
|
Fuer Rueckfragen stehe ich Ihnen gerne zur Verfuegung, beforzuge jedoch
telefonisdche Kontacktaufnahme ( 3949 oder +49 (0)179 6954907 ). Danke.
Hochachtungsvoll und mit freundlichen Gruessen M.Feiler
----
Mit Computerviren verhaelt es sich so, wie mit verschiedenen
Geschlechtskrankheiten: Meist HOLT man sie sich wenn man
zu leichtsinnig zu ugeschuetzt verkehrt.
PGP public key & Homepage : http://www.uni-hohenheim.de/~feiler