|
> The one way you could do it is by setting up a exit program to work on > the change password command. I have seen an article a couple of years > ago that went into details on it. Then whenever a user changed their > password you could not only validate it (per whatever rules you desired) > but you could trap and store it. Then there's a nastly little bit of high-school mainframe malware we called "FCRAPS": fake a signoff, display a normal sign-on prompt, capture the account and password, then sign the user off for real. I understand that the name was intended to make it look like an innocent simulation of a gambling game played with a pair of dice. -- JHHL
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
