account lockup after invalid login attempts

Subu Ayyagari s.ayyagari at xpedite.com
Thu Jul 17 15:52:48 EDT 2003


Hi,

Problem Description:
   I wish to implement account lockout policy. When a user exceeds 5 invalid
   login attempts, I wish to disable his account
   I am using Kerberos 1.2.8 on SUN Solaris 9

I have enabled pre-authentication, so the server knows about these invalid
AS_REQ
requests, and I see them in the logs.

Microsoft WIndows implementation..hmmmm pardon me for using the W word :)...
does have this account lockout feature.

The security folks here are surprised when I tell them
that kerberos does not support account lockup.
Please suggest.

regards,
subu ayyagari
732-389-3900 x7227
s.ayyagari at xpedite.com



More information about the Kerberos mailing list