S4 - Last password change

Michael Wood esiotrot at gmail.com
Thu Jun 2 10:00:14 MDT 2011


On 2 June 2011 17:05, Matthieu Patou <mat at samba.org> wrote:
>
>> Yes - someone else mentioned that idea.
>>
>> But you're right - I want to use S4 to start enforcing password complexity
>> and aging, so I will want everyone to pick new passwords.
>>
> Well you'll run into the problem that people will do fooBAR123, then
> fooBAR124, ... at least on some of them.
>
> We run into this problem and the only way I can see is to write a module in
> samba that plugs into the password changes function to forbid too close from
> the previous one password. Not too easy (otherwise I would have done it
> already), but I think it's doable.

I suppose for this you will have to keep N old passwords in clear text
so that you can compare against them.  Is that the problem?

Of course, if you force people to use passwords that are two
complicated, they will just write them down.

-- 
Michael Wood <esiotrot at gmail.com>


More information about the samba-technical mailing list