Les Mikesell wrote:
On Tue, 2006-04-04 at 23:04, Mikkel L. Ellertson wrote:
You keep copies of the old encrypted passwords around, and compare the new one to them. If they match, reject the password. After all, you do that to the current one every time someone tries to log in.
Create a test account, fred. Set fred's password to, say, derf. Take a note of the encrypted password. Change Fred's password to derf. Compare with the previous encrypted password. Are they the same? -- Cheers John -- spambait 1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ do not reply off-list
