[Zope-PTK] Re: Proposal: password policy change
Fabio Forno
sciasbat@inorbit.com
Wed, 23 Aug 2000 16:29:35 +0200
Shane Hathaway wrote:
>
> 1) People will forget their passwords and need a way
> out. The most "user friendly" way out is for them to
> receive their password again via e-mail. Of course
> this is terribly insecure, but slashdot and many
> others do it this way, so those who run PTK sites will
> expect this to be an option.
>
Ok, this may be an option, so we need two sets of functions:
mailPassword + getPassword
and
mailNewPassword + getNewPassword (this one may be not necessary)
and also a flag determining the password policy
> 2) If we allow passwords to be instantly reset by
> anonymous users then that capability will be abused by
> intruders.
>
> In order for your plan to work, therefore, we need to
> provide the option to set a temporary password. This
> temporary password would be in addition to the user's
> normal password.
>
I understand the problem, I'd change just a thing: while there's a
temporary password set, that's to say in the time before a new login and
password confirmation, the mailNewPassword should refuse to send new
messages and set new passwords, avoiding in this way any mailbombing.
There's still one drawback, with this worst case scenario:
-an intruder invokes mailNewPassword
-the user ignores it, deletes the message and right in this time forgets
the old password
-in this way he can't login and also be mailed by a new password
To avoid this we must also let the sysadmin to mail a new password even
with a temporary pwd set
ByE,
FF