X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/e1a848631f3018a38b20f81b6517319283f236e2..3882048f60f47ce7edb89cc3816978cff32551f9:/blog/data/2010-05-02-expired-passwords.txt?ds=sidebyside

diff --git a/blog/data/2010-05-02-expired-passwords.txt b/blog/data/2010-05-02-expired-passwords.txt
index e1a3d35a81..35d54c511b 100644
--- a/blog/data/2010-05-02-expired-passwords.txt
+++ b/blog/data/2010-05-02-expired-passwords.txt
@@ -1,5 +1,5 @@
 Title: Forcing new users to change their password on first login
-Tags: english, nuug, debian edu
+Tags: english, nuug, debian edu, sikkerhet
 Date: 2010-05-02 13:47
 
 <p>One interesting feature in Active Directory, is the ability to
@@ -59,3 +59,16 @@ sure only the user itself have the account password?</p>
 
 <p>If you want to comment on or help out with implementing this for
 Debian Edu, please contact us on debian-edu@lists.debian.org.</p>
+
+<p>Update 2010-05-02 17:20: Paul Tötterman tells me on IRC that the
+shadow(8) page in Debian/testing now state that setting the date of
+last password change to zero (0) will force the password to be changed
+on the first login.  This was not mentioned in the manual in Lenny, so
+I did not notice this in my initial testing.  I have tested it on
+Squeeze, and '<tt>chage -d 0 username</tt>' do work there.  I have not
+tested it on Lenny yet.</p>
+
+<p>Update 2010-05-02-19:05: Jim Paris tells me via email that an
+equivalent command to expire a password is '<tt>passwd -e
+username</tt>', which insert zero into the date of the last password
+change.</p>