I seem to recall Randal did a column in Web Techniques on just such a
thing. Check http://www.stonehenge.com/merlyn/
On Sun, 14 Jan 2001, George Sanderson wrote:
> I want an authorization module to generate a one time password for a
> particular user name.
> For example, lets say I target some user names to have a one time password
> service by using a directive like:
>
> Auth_onetimer user1, user2, ...
>
> If the password was blank (empty), the module would automagicly create and
> store a new password per some format string (perhaps):
>
> Auth_password_format "hello%16s"
>
> After a user logs in some specified number of times (default 1), the
> password would be blanked out.
>
> Of course, someone would have to be able to view the account information,
> but this should be different module. A module that would allow an
> "administrator" to view and change the user account data base.
>
>
>
