google / xsecurelock

X11 screen lock utility with security in mind
Apache License 2.0

Feature: Honeyword #169

Open Iiridayn opened 1 year ago

Iiridayn commented 1 year ago

A "Honeyword" is a known false password which tempts attackers to try it and can thereby alert the user to attempted attacks on the system. xsecurelock could support a user-chosen honeyword and somehow notify the user when they return (after authentication, or the attacker may reset the computer to wipe state) that the honeyword has been found and attempted. The user could write down the honeyword and stick it in any of several typical password locations - on a post-it on the monitor, under the mousepad or keyboard, in a desk drawer, etc., and will then know that somebody has attempted to access their system while they were away. The system would deny the login as normal, and the attacker would presume the password was to something else.

Possibly should be a system level PAM module instead.

Iiridayn commented 1 year ago

Looks like there's already a PAM module for honeywords at https://github.com/cedriczirtacic/pam_honeyword
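The flow requested in this issue, sketched as an added example; it is not code from xsecurelock or pam_honeyword. All function names and the alert file path are hypothetical, and `real_auth_ok` stands in for the verdict of the real authenticator (for example PAM).

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#define MAX_PW 128
enum { AUTH_DENY = 0, AUTH_OK = 1 };

/* Compare two strings without stopping at the first differing byte. */
static int ct_equal(const char *a, const char *b) {
  unsigned char x[MAX_PW] = {0}, y[MAX_PW] = {0}, diff = 0;
  size_t la = strlen(a), lb = strlen(b);
  if (la >= MAX_PW || lb >= MAX_PW) return 0; /* over-long input never matches */
  memcpy(x, a, la);
  memcpy(y, b, lb);
  for (size_t i = 0; i < MAX_PW; i++) diff |= x[i] ^ y[i];
  return diff == 0;
}

/* Append a timestamped record and force it to disk so a reset cannot wipe it. */
static int record_hit(const char *alert_path) {
  FILE *f = fopen(alert_path, "a");
  if (!f) return -1;
  fprintf(f, "%lld honeyword attempted\n", (long long)time(NULL));
  fflush(f);
  fsync(fileno(f));
  return fclose(f);
}

/* A honeyword match is recorded and then denied exactly like any wrong password. */
int check_attempt(const char *input, int real_auth_ok, const char *honeyword, const char *alert_path) {
  if (honeyword[0] && ct_equal(input, honeyword)) {
    record_hit(alert_path);
    return AUTH_DENY;
  }
  return real_auth_ok ? AUTH_OK : AUTH_DENY;
}

/* Count recorded hits; call this only after a successful authentication. */
int pending_alerts(const char *alert_path) {
  FILE *f = fopen(alert_path, "r");
  int c, n = 0;
  if (!f) return 0; /* no file means no recorded attempts */
  while ((c = fgetc(f)) != EOF) if (c == '\n') n++;
  fclose(f);
  return n;
}
```

The alert file should be writable only by the component that checks passwords, so that someone at the keyboard cannot clear it before the owner returns.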