[tpop3d-discuss] New features ?

Yann GROSSEL olrick at phear.org
Mon, 2 Dec 2002 22:17:55 +0100

On Mon, 2 Dec 2002 20:11:33 +0000
Paul Makepeace <Paul.Makepeace@realprogrammers.com> wrote:

> I'm curious what Yann sees as the benefit of password loggging is? If
> there's a particular diagnostic process or typical problem that could be
> readibly identified perhaps there's another solution that could help?
> I'm thinking along the lines of NT warning that the CAPSLOCK switch is
> on: syslog("Login failed; password all in lowercase - client doing
> something weird?")

We have a few really clueless users. I remember spending very long time
with users on the phone trying to make them enter the right password in
their outlook configuration. After minutes I started to dump the users
POP requests using tcpdump and I soon discovered that they have entered
about ten times their password one after the other. They didn't thought
to use the backspace key between their tries because the first '******'
of the password had scrolled out of sight in the password field... With
the dump I was able to immediately spot what the users were doing wrong.

This is just an example. I think there is unfortunately more than a few
'typical' problems that can be automatically detected by tpop3d and
announced in the logs...

But I agree with Chris about the fact that logging wrong passwords may
reveal passwords for some other service. Perhaps the solution would be
to activate password logging only for a specific login and during a few
minutes only, when the user is calling the hot line ?