摘要 |
<p>The present invention provides methods and apparatus for updating passwords in a name service system. A server includes a name service database that further includes a plurality of tables with information, including passwords and communications information, concerning users. To enforce name service system security, users are denied direct access to their passwords and password aging information. These may be updated only through a process running on the NIS + server. The password process has write access to the password and aging information in the database and is invoked when users change their passwords. To update a password, the user's computer, the client computer, contacts the password update process and sends an encrypted version of the current password. The password update process decrypts the encrypted password and verifies that the user is authentic and the aging criteria are met. The user then enters a new password which is encrypted and provided to the password update process, which enters the new password in the password table. <IMAGE></p> |