Re: Security Question & Suggestion: Record of Last Access & Recent Accesses

Berkeley Brett <RoyalOui@xxxxxxxxx> writes:
For all sorts of computer accounts -- from your personal computer
itself to any online accounts you have (bank accounts, Amazon.com-type
accounts, remote work access accounts, etc.), I think one should have
quick access to a record of ALL recent logons to ones account.

This is usual for what we used to call "timesharing accounts", which
you young ones these days seem to call "shell accounts". Upon login, it
tells you the date/time and hostname of the previous login; and there is
usually a command to retrieve a list of all recent logins as you suggest
(in unix/linux, type "last user" (for a given username "user")).

Bank accounts, amazon.com, etc, are reinventing everything rather than
following in time-honoured footsteps; but some of them have some of these
attributes. My bank's web banking facility tells you the date/time of last
login when you log in.

For VPNs it might be a little trickier because your computer might
automatically connect and disconnect frequently, thus producing voluminous
logs which are difficult to look through effectively at a glance.
There's also the additional wrinkle that when you log in to a VPN, you
aren't actually interacting (personally, as opposed to automatedly) with
anything on the VPN gateway; you'd have to do some extra step to query the
log data (such as running a web browser and pointing it somewhere specific).
A facility where it could tell you your last login in the VPN protocol,
where you could configure your computer to report this information in a
pop-up dialogue you had to press 'ok' on, would be nice. I assume that
that would require a protocol change, but it could probably be made in a
both-ways-compatible manner. Of course it should be a configuration option on
the client side.
.

Relevant Pages

  • Re: Repost: Local logon and Network Access settings
    ... think require network login since they are over the wire do in fact ... In the default situation, Authenticated Users ... is a member of User on a member machine, and, Users are granted ... user accounts that should be allowed to log into the machines in SomeOU. ...
    (microsoft.public.windows.group_policy)
  • Re: Repost: Local logon and Network Access settings
    ... > think require network login since they are over the wire do in fact ... In the default situation, Authenticated Users ... > is a member of User on a member machine, and, Users are granted ... > user accounts that should be allowed to log into the machines in SomeOU. ...
    (microsoft.public.windows.group_policy)
  • AIX password enumeration possible
    ... BPR personnel can neither confirm or deny this behaviour exists in any OS other than AIX of versions mentioned below. ... In the case that the correct password is provided, the response is as follows: ... believed to be in the response from the login program after authentication ... Give accounts that have been restricted from remote logins strong passwords. ...
    (Bugtraq)
  • Re: Account Lockout Policies
    ... Allowing accounts to remain dormat for 30 days ... If a technical solution is unavoidable due to a lack of management buy-in, ... Extract login details from the security logs. ...
    (microsoft.public.security)
  • Re: No Response from Renli ( was Re: glGo self-destructed )
    ... A video from 12 October was outmoded by the 14 October ... successful login. ... we find glGo icons labeled ... These seem to be stale accounts. ...
    (rec.games.go)