Improve configuration example in README to improve security

Question

Improve configuration example in README to improve security

Closed this issue 9 months ago · 2 comments

With the pam config as specified in README, a user who has a working password is always able to log in, even when he enters te wrong pin or pam-weblogin fails in some other way.

I assume the pam config should be adjusted a bit more; simply adding sufficient pam-weblogin isn't enough.

Answer 1 · 2022-08-08T06:45:47.000Z

Solution is to specify:

auth [success=done ignore=ignore default=die] pam_weblogin.so /etc/pam-weblogin.conf

Answer 2 · 2022-08-15T12:43:11.000Z

@HarryKodden Kun je dit in de documentatie toevoegen/aanpassen?