On Thu, Oct 12, 2006 at 03:37:38PM -0700, [EMAIL PROTECTED] wrote: > Hello everyone. > > My question is simple: > > For each user on my system I have a list of passwords which they > should never, ever enter. If someone enters a password which is on > this list I know that their passwords have been compromised and > their account should be immediately disabled. I'd like to write a > program which checks this automatically whenever a user logs in, > but I don't really know where to start. > > If someone could just point me in the right direction (e.g. a man > page or two) I'm sure I could figure it out. I have experiance > with UNIX, just not OpenBSD and the login protocols.
Look at /usr/libexec/auth_*, but as pointed out, mind DoS attacks. Joachim