Mass Password/ssh Key change announcement DRAFT
Kevin Fenzi
kevin at scrye.com
Tue Oct 11 19:57:23 UTC 2011
On Mon, 10 Oct 2011 09:46:15 -0700
Toshio Kuratomi <a.badger at gmail.com> wrote:
> On Mon, Oct 10, 2011 at 10:11:44AM -0600, Kevin Fenzi wrote:
> > On Mon, 10 Oct 2011 09:00:11 -0700
> > Toshio Kuratomi <a.badger at gmail.com> wrote:
> >
> > > I think that makring inactive will work for the password change
> > > (with the password strength hotifix, we also no longer accept the
> > > same password as the user last had). (Off by one we can't catch
> > > though: old: "mustang1977" this would still be accepted:
> > > "mustang1978")
> >
> > So, when someone is 'inactive' they can login with their old
> > password, but it will ask them to change it then?
> >
> Yep. IIRC we made things work that way when we did our first mass
> password reset.
Great.
So, if there's no other changes or objections, I will probably send out
the announcement tomorrow. Please let me know if you can think of
anything else we need to get in place before we announce.
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20111011/8f06e02f/attachment.bin
More information about the infrastructure
mailing list