On Wed, 2012-10-17 at 14:52 -0400, Simo Sorce wrote: > > To my knowledge AUTHPRIV is simply for authorization-related data, not > > for the seccret auth tokens themselves. The Linux man page suggests that > > AUTH is obsolete, and AUTHPRIV is what people should use for all auth > > related stuff. And if things get specific this is mostly about "user > > logged in", "user changed password", but never "user changed password > > to xyz". > > Sigh, I guess I need to be more explicit, you can find messages like: > > User MySecretPassword failed authentication. > > Because mistakenly a user typed his password at the login prompt instead > of his name. It is common. As an anecdata point, I've done this on websites twice in the last two days. So I'm inclined to believe Simo :) -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
