[19609] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

account lockup after invalid login attempts

daemon@ATHENA.MIT.EDU (Subu Ayyagari)
Thu Jul 17 16:02:07 2003

From: "Subu Ayyagari" <s.ayyagari@xpedite.com>
To: <kerberos@mit.edu>
Date: Thu, 17 Jul 2003 15:52:48 -0400
Message-ID: <IJENLFEGJKPNBDMONDIHMEBPCNAA.s.ayyagari@xpedite.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
cc: Subramanyam v Ayyagari <s.ayyagari@xpedite.com>
Errors-To: kerberos-bounces@mit.edu

Hi,

Problem Description:
   I wish to implement account lockout policy. When a user exceeds 5 invalid
   login attempts, I wish to disable his account
   I am using Kerberos 1.2.8 on SUN Solaris 9

I have enabled pre-authentication, so the server knows about these invalid
AS_REQ
requests, and I see them in the logs.

Microsoft WIndows implementation..hmmmm pardon me for using the W word :)...
does have this account lockout feature.

The security folks here are surprised when I tell them
that kerberos does not support account lockup.
Please suggest.

regards,
subu ayyagari
732-389-3900 x7227
s.ayyagari@xpedite.com

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[19609] in Kerberos

account lockup after invalid login attempts

daemon@ATHENA.MIT.EDU (Subu Ayyagari)Thu Jul 17 16:02:07 2003

daemon@ATHENA.MIT.EDU (Subu Ayyagari)
Thu Jul 17 16:02:07 2003