/etc/auth/system/default file - unsuccessful logins

SOLVED
Sally Devine
Frequent Advisor

/etc/auth/system/default file - unsuccessful logins

Hi,

I have been fighting with the default file recently. I cannot get the accounts to lock when they have three consecutive unsuccessful login attempts. I have set u_maxtries#3 and it still does not work after three tries. Will that value be nullified if something else is set like u_unlock#0 or something to that effect?

Thank you,
Sally
2 REPLIES
Sally Devine
Frequent Advisor

Re: /etc/auth/system/default file - unsuccessful logins

Hi again,

I found what was giving me so much grief. It was disabling but not notifying that it disabled the account. Also, when I re-enabled I would set the date and time way off in the future (not realizing that it meant to change the password by xxx time rather than the account will expire by xxx time) so it would not disable again when I tried typing the password incorrectly.

Thanks anyway,
SD
Ann Majeske
Honored Contributor
Solution

Re: /etc/auth/system/default file - unsuccessful logins

Hi Sally,

I know a lot of people have been confused by this, but it's done by design. The response you get back from any failed login (bad password, unknown username, etc.) will look exactly the same. This is so someone trying to break into your system won't gain any information. If we changed the message for failed login to "account disabled", someone trying to break into your system would know that they had a real account name! The only time you get the "account disabled" message is on what would have been a successful login (correct username AND password).

The easiest way to re-enable an account is to use the "grace_limit#n". This gives the user n days to log in in spite of the disabling condition. As soon as the user logs in successfully, the disabling condition is cleared.

Ann
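
The behaviour described in the answer above, as an added Python model that is not part of the original thread and is not Tru64's own code: every failed attempt returns the same message, the "disabled" notice appears only after correct credentials, and a grace period lets one successful login clear the lock. The message strings, the class and field names, and the dummy-hash timing precaution are assumptions of this example.

```python
import hashlib, hmac, os
from dataclasses import dataclass

MAX_TRIES = 3                        # same threshold as u_maxtries#3 in the thread
GENERIC_FAILURE = "Login incorrect"  # constructed message text
DISABLED = "Account is disabled"     # constructed message text
DAY = 86400

def pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Account:
    salt: bytes
    stored: bytes
    failures: int = 0        # consecutive failed attempts
    grace_until: float = 0   # hypothetical field modelling a grace period

class Authenticator:
    def __init__(self):
        self.accounts = {}
        # Dummy credentials so unknown usernames cost the same hash work
        # (a timing precaution added by this example, not from the thread).
        self.dummy_salt = os.urandom(16)
        self.dummy_hash = pw_hash("placeholder", self.dummy_salt)

    def add_user(self, name, password):
        salt = os.urandom(16)
        self.accounts[name] = Account(salt, pw_hash(password, salt))

    def set_grace(self, name, days, now):
        self.accounts[name].grace_until = now + days * DAY

    def login(self, name, password, now):
        acct = self.accounts.get(name)
        salt, stored = (acct.salt, acct.stored) if acct else (self.dummy_salt, self.dummy_hash)
        matches = hmac.compare_digest(pw_hash(password, salt), stored)
        if acct is None or not matches:
            if acct:
                acct.failures += 1
            return GENERIC_FAILURE       # identical for every kind of failure
        locked = acct.failures >= MAX_TRIES
        if locked and now >= acct.grace_until:
            return DISABLED              # only shown after correct credentials
        acct.failures = 0                # success clears the disabling condition
        return "OK"
```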