Hi Ben Sorry but we can't do that because some of the users of the application use Novell securelogin to automatically handle logins and change of passwords with no user involvment.
Cheers Gunnar -----Ursprungligt meddelande----- Från: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] För Ben Alex Skickat: den 4 oktober 2006 12:43 Till: acegisecurity-developer@lists.sourceforge.net Ämne: Re: [Acegisecurity-developer] How to prevent brute force attack [EMAIL PROTECTED] wrote: > My question is how I can do something similar to prevent the password > change page? > > The password change page is open to role anonymous because when a new > user is entered in the system; password expired is set to a past date > to force the user to change the password the first time. > > Are there any best practices to handle changes of passwords? Hi Gunnar It would probably be useful to include a CAPTCHA image on the change password page. That way it stops any automated attack. Cheers Ben ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
