Henk Hangyi wrote: > Hi all, > > Did anybody already implement password expire functionality for one of > the MMBase security implementation? > > What i mean is something like this: a password expires on date T, 2 > weeks before T users are warned that their password is about to expire > and are invited to update their password. If they do not change their > password before T, they get N grace logins. After N grace logins their > account is disabled. > > Thanks for any comments on this.
I think the main effect of enforcing users to change their passwords regularly is that they are getting annoyed by it and going to choose easy te remember passwords, prefereably with some sequence number in it. At least that would be what I do. So I doubt if this still has any positive influence on the security of the system... But no, I'm not aware of any such feature on e.g. cloud context security, and perhaps that's a good thing :-) MIchiel -- Michiel Meeuwissen mihxil' Peperbus 111 MediaPark H'sum [] () +31 (0)35 6772979 nl_NL eo_XX en_US _______________________________________________ Developers mailing list [email protected] http://lists.mmbase.org/mailman/listinfo/developers
