[sllug-members]: bad password delays
Lamont R. Peterson
lamont at gurulabs.com
Wed Aug 16 16:40:40 MDT 2006
On Wednesday 16 August 2006 03:57pm, Ian Robertson wrote:
> I use Xscreensaver to lock my screen. Frequently, when coming back, I'm
> in a hurry to type in my password, and hence mistype it. This wouldn't
> be so bad, except that Xscreensaver takes 5 seconds before it rejects
> the password and lets me try again. I suspect this is due to a pam
> setting, but I've been unable to figure out how to bump it down to say,
> 1 second. Does anyone have any thoughts on how to attack this. This is
> on a Suse 10.0 box.
There is no PAM configuration for this. To change it, I think you'd have to
patch the source. I don't believe there is any command line parameter or
other configuration directive for Xscreensaver.
The timeout is there for a security reason. Obviously, if you can process a
successful password entry in a millisecond, we should figure out a failure,
too. The reason for the delay is so that automated password trial-and-error
systems will be slowed down such that it is completely infeasible to use
them, assuming, of course, that users actually follow good password policies.
By the way, almost every program uses 3 seconds, not 5. I mostly use KDE,
personally, so I'm not entirely certain about Xscreensaver's unlock dialog
failure timing.
--
Lamont R. Peterson <lamont at gurulabs.com>
Senior Instructor
Guru Labs, L.C. [ http://www.GuruLabs.com/ ]
NOTE: All messages from this email address should be digitally signed with my
0xDC0DD409 GPG key. It is available on the pgp.mit.edu keyserver as
well as other keyservers that sync with MIT's.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://sllug.org/pipermail/sllug-members/attachments/20060816/36c844d3/attachment-0001.pgp
More information about the sllug-members
mailing list