Hi, lee: On Tuesday 02 November 2010 21:26:54 lee wrote: > On Mon, Nov 01, 2010 at 06:29:03PM -0500, Ron Johnson wrote: > > On 11/01/2010 04:45 PM, Jesús M. Navarro wrote: > > >Hi, Ron: > > > > > >On Monday 01 November 2010 18:49:01 Ron Johnson wrote: > > >[...] > > > > > >>If someone learns my password on day 2, they have full access to my > > >>account for 74 days, or I must beg for SysAdmin help? > > >> > > >>"Minimum number of days" isn't a very bright idea. > > > > > >It is, for a low minimum number. > > > > > >The rationale is to avoid the user reusing passwords: Ok, so my password > > > is 12345678 and I must change it now? Let's do it: 87654321; but > > > immediately I change back again. > > > > The way to do it is to have a record in your password db of the > > hashes of each user's last N passwords. > > BTW, how do you do that?
AFAIK you can't, at least with files backend (but that's a different issue). Cheers. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201011030340.45466.jesus.nava...@undominio.net
