Password Policy - Expired Password - mschap
aland at deployingradius.com
Fri Aug 13 04:10:40 CEST 2010
Theparanoidone Theparanoidone wrote:
>>>>> Password change is not part of RADIUS.
> I am new to radius, and although it is now clear that "expired passwords == user
> is blocked until they can authenticate from some other computer" ... I'm just
RADIUS is a protocol which controls network access. If the users
password has expired, it means that it is no longer valid for network
access. Any other interpretation results in "password expiry" losing
> I guess an alternate method is to implement login scripts to check if a users
> password expiration is approaching, and if so... prompt the user to update it
> before it expires (via, email, popup, whatever).
Or, have the user call IT, and reset the password.
> Is that what the rest of radius users do / a best practice?
They don't use password expiry, *or* they require users to reset their
password before it expires.
> Thanks for all your help... all and all, freeradius is awesome.
More information about the Freeradius-Users