Security
cancel
Showing results for 
Search instead for 
Did you mean: 

Disable multiple mechanism while changing password

Nicola Piazza
Occasional Visitor

Disable multiple mechanism while changing password

I've wrote my own sia module to implement a custom password quality check and it works correctly.
When a user change the password, he's prompted with the following:
---------------------------
You are registered with the following security mechanisms


1 OSFC2
2 AL

[Default selection: 1]

Select ONE item by number:
----------------------------
If user choiches to change password using first one, he'll bypass my enhanched mechanism.

How can I disable original mechanism ?
I've tried editing the /etc/sia/matrix.conf file, but siainit return unsuccessful SIA initialization if I touch it.

The sistem is a 5.1B
1 REPLY
Ann Majeske
Honored Contributor

Re: Disable multiple mechanism while changing password

To add password checks to Enhanced Security (C2) you should add a pwpolicy routine, not replace the SIA mechanism. See:

http://www.ultranet.com/~spiderb/sec/site-pwpolicy.c.txt

What you're trying to do won't work, to replace an SIA mechanism you have to replace the whole mechanism (all routines), not just one.

Ann