Path: utzoo!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ucbvax!TOR.NTA.NO!dahls%vax.elab.unit.uninett
From: dahls%vax.elab.unit.uninett@TOR.NTA.NO (Joern Yngve Dahl-Stamnes)
Newsgroups: comp.os.vms
Subject: authorize question
Message-ID: <165*dahls@vax.elab.unit.uninett>
Date: 5 Jul 88 09:11:00 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 27

Hello

I am writing a program that will check if a user have changed his/her password
from AAA to BBB and back to AAA. A lot of users do this, and it is not very
secure. My idea was to write a program that check if the user have changed the
password since last check, and if so, check if the new hashed password value
is in a table. The table contain a list of the last 20 (or more) hashed
password value, one table for each user on the system. If the new hashed
password is in the table, then the user must change the password again - and
this is my problem. The only way I found so far, is to set the bit
UAI$V_PWD_EXPIRED in the field UAI$_FLAGS. It works, but the result of doing
this is that every user that do this nasty thing (using his/her old password)
are running in and out of my office, and *that* was not my idea.

Does anyone know how to force the user to change the password next time he/she
log on the system? If I got this program to work and if anyone out there
would like a copy of it, I will send it to the list.

  +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
  | The University of Trondheim           | Joern Yngve Dahl-Stamnes  |
  | The Norwegian Institute of Technology | System Manager            |
  | Division of Physical Electronics      |                           |
  | N 7034 Trondheim, Norway              |     "Me God you user"     |
  |---------------------------------------+---------------------------|
  |                 dahls%vax.elab.unit.uninett@tor.nta.no            |
  |                        PSI%02422530001005::DAHLS                  |
  |           Un*ix - the greates implementation of Murphy's laws     |
  +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+