21 May
2014
21 May
'14
9:16 a.m.
First of all, password lockout itself is a dumb idea, and we only implement it because it's part of the original ppolicy spec. The ppolicy spec is pathetically bad though.
What methods aren't dumb ideas that accomplish account unavailability on N password failures?
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.