[unisog] web based passwords

Sylvain Robitaille syl at alcor.concordia.ca
Fri Dec 7 02:14:11 GMT 2001


Lance Gjerstad wrote:

> We have a large number of users who ... either have to call the
> computer center to have their passwords changed or, as is more likely,
> just never change their passwords.  We've been looking into various
> solutions, such as enabling some sort of web interface to this,
> and likely other commands.

Look for poppassd.  We picked it up back in 1994 from
ftp://ftp.qualcomm.com/quest/unix/servers/password/pwserve-4
(you might have to search for it; I haven't checked if the above URL is
still good).  I haven't actually ever seen the client-side of this, but
I understand it's supported by Eudora, and probably other POP clients.

If you're concerned about passwords being sent back and forth in
plaintext (people generally are, these days), you might write an
(unprivileged) CGI interface for it, accessible only via an SSL-enabled
web server, which contacts the poppassd daemon over the localhost
interface.  Then again, if your users are using plaintext POP or IMAP to
get their mail anyway...

I hope that helps...

-- 
----------------------------------------------------------------------
Sylvain Robitaille                              syl at alcor.concordia.ca
 
Systems analyst                                   Concordia University
Instructional & Information Technology        Montreal, Quebec, Canada
----------------------------------------------------------------------



More information about the unisog mailing list