thanks leonel for your recommendation, i'll look forward about lock user
after a few input (wrong password) tried.
thanks and best regards,
stifan
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
-
I would recommend against this. Passwords expiring is seriously annoying
and the security benefits are questionable
http://cs.unc.edu/~fabian/papers/PasswordExpire.pdf to say the least.
Just demand better passwords and lock users after a few tries if you need
more security.
--
Resources:
-
i'll try, thank you so much, massimo.
thanks and best regards,
stifan
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because
There is no built-in mechanism since we do not store the time when a
password changes but you can do it in this way:
auth.settings.extra_fields['auth_user'] =
[Field('password_charged_on','datetime',compute=lambda row: row.password
and request.now, writable=False)]
if auth.user and
4 matches
Mail list logo