RE: pplolicy lockout grace time? - alternatives
First of all, password lockout itself is a dumb idea, and we only
implement it
because it's part of the original ppolicy spec. The ppolicy spec is pathetically
bad though.
What methods aren't dumb ideas that accomplish account unavailability on N password
failures?
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
This message is private and confidential. If you have received it in error, please notify
the sender and remove it from your system.