> First of all, password lockout itself is a dumb idea, and we only implement it > because it's part of the original ppolicy spec. The ppolicy spec is > pathetically > bad though.
What methods aren't dumb ideas that accomplish account unavailability on N password failures? > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
