[Pkg-shadow-devel] Bug#463113: closed by Nicolas François <nicolas.francois at centraliens.net> (Re: Bug#463113: login: delay when password was typed incorrectly is security measure of the past)

Folkert van Heusden folkert at vanheusden.com
Wed Jan 30 16:47:07 UTC 2008


> > login: delay when password was typed incorrectly is security measure of the past
> > please make this delay configurable
> 
> The delay is not set by login, but by PAM.
> It can be disabled by adding the nodelay option to the pam_unix auth module.

Ah, ok, thanks!

> However, I do not recommend to use this.
> A delay when a password is incorrect is a very efficient security
> measure against password brute force.
> I was very efficient, and with the time (and CPU resources or bandwidth
> being more and more cheap for the attacker and for an attacked server) it
> is more and more efficient.

What about parallel logins?


Folkert van Heusden

-- 
Feeling generous? -> http://www.vanheusden.com/wishlist.php
----------------------------------------------------------------------
Phone: +31-6-41278122, PGP-key: 1F28D8AE, www.vanheusden.com





More information about the Pkg-shadow-devel mailing list