[Freeipa-users] Do expired passwords remain usable indefinitely?
Brian Candler
b.candler at pobox.com
Fri Oct 21 13:17:12 UTC 2016
Question: when a password expires, does it remain in a usable state in
the database indefinitely? For example, if someone comes along a year
after their password has expired, can they still login once with that
password?
This is actually what I want, but I just want to confirm there's not
some sort of secondary threshold which means that an expired password is
not usable X days after it has expired. Or, if there is such a
secondary threshold, where I can find it.
The scenario is a RADIUS server for wifi which reads NTLM password
hashes out of the database to authenticate - this continues to work
after expiry. However I want users to be able to do a self-reset later
if and when they want to.
Thanks,
Brian.
More information about the Freeipa-users
mailing list