[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Question about preventing a user of changing his password

Subject: RE: [cobalt-users] Question about preventing a user of changing his password
From: "GPS" <gps@xxxxxxxxxxxxxx>
Date: Fri Mar 2 15:18:07 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>> So whenever a client uses http://www.hisdomain.com/personal
>> I don't want him to be able to change his password. How can
>> I achieve this?
>
>1. Don't give them shell access.

Easy enough via gui.

>2. Remove their access to whatever webpage allows them to change their
>password.

Defeats the whole reason why Cobalt is selling these machines as appliances
that include a web-gui for the users.


>3. Read up on password aging, and require that individual passwords stay
>around for at least five years.

Completely outside the realm of using a Cobalt Server Appliance as Cobalt 
intended as they market it. 



>4. Let one of your other machines stay up around the clock trying to
>crack your own users' passwords anyway.
>
>--
>Rodolfo J. Paiz
>rpaiz@xxxxxxxxxxxxxx <mailto:rpaiz@xxxxxxxxxxxxxx>

John the Ripper on a cron job as someone else suggested.

References:
- RE: [cobalt-users] Question about preventing a user of changing his password
  - From: Rodolfo Paiz

Prev by Date: RE: [cobalt-users] Where can I find information on uninstalling packages?
Next by Date: Re: [cobalt-users] chkwtmp & chklastlog
Previous by thread: RE: [cobalt-users] Question about preventing a user of changing his password
Next by thread: [cobalt-users] WANTED: Looking to buy used Raq4.

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index