Connection caching?

[Carson Gaspar]

--On Friday, May 07, 2004 10:05 PM -0500 Ben Lindstrom 
<mouring at etoh.eviladmin.org> wrote:

> Which is fine, but some around here have expressed a need for ordered
> authentication.  Which would make a bitmask implementation imposible
> without predefining all possible forms of combination.

*Raises hand*

When I implemented this eternities ago, the purpose was to require 
something that wasn't password based auth first, and then password auth. 
That way, you can turn on bad password account lockout without it being 
incredibly easy to cause a DOS.

-- 
Carson