[Freeipa-devel] [PATCH] confirm password
Simo Sorce
ssorce at redhat.com
Fri Sep 7 18:44:04 UTC 2007
On Fri, 2007-09-07 at 14:25 -0400, Andrew C. Dingman wrote:
>
> 3) Generate an already-expired password which the user must change at
> first login. Print the thing out and put it in their inbox. Since the
> password has to be changed on first use, any compromise will be
> detected
> by the user, who WILL contact the helpdesk because they want access to
> their account.
I like this one _very_ much, I am testing packages with a "fixed"
kpasswd client tool (and pam_krb5 as well). If that works I will test
this scenario and implement it.
Simo.
More information about the Freeipa-devel
mailing list