[31768] in Kerberos
account lockout after n failed password attempts
daemon@ATHENA.MIT.EDU (Steve Glasser)
Sat Dec 12 15:53:52 2009
MIME-Version: 1.0
Date: Sat, 12 Dec 2009 12:53:26 -0800
Message-ID: <c789fd70912121253t667745f9s6d1cd4f809622412@mail.gmail.com>
From: Steve Glasser <sgla9347@gmail.com>
To: Kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi list,
I was wondering if account lockout after n failed password attempts
was ever successfully implemented with MIT Kerberos?
I know this was discussed several years ago (see:
http://mailman.mit.edu/pipermail/kerberos/2007-December/012705.html).
I haven't seen any responses more current than that. It looks like
an inherent design problem because with multiple kdc servers there is
no way to keep a centralized count of failed login attempts.
Btw, does anyone know how Microsoft got around this problem (assuming
they did so), as they do offer account lockout after n failed login
attempts?
Thanks,
--
Steve Glasser
sgla9347@gmail.com
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
