I think I may be missing something, but in AD mode which means you have to define a manager to change the password - I think that means you can endlessly try to change someones password.
So, from a hacking point, if I can get to the web page, I can try to change a users password without ever locking out permanently. Is there a setting I can invoke to only allow a limited number of attempts or can we force a lockout (without reset) on a user in manager mode? Or better yet - do we see support for the user to make the change coming or is that a design issue in AD? Thanks! Shannon _______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
