How to tell if more than one person is sharing a user account
Hi there --
Is there software or mechanism that can help the administrator determine if more than one person is using the same user account via a shared password? Thanks. |
Hi,
Too my knowledge it is not possible (without obligatory biometrics) to determine who (or what) gave the user/password combo. Hope this helps. |
If you think they are using different machines (and the same person should always be using the same machine) then you could use the "last" command to see what hostname they logged in from.
|
Hi,
Quote:
One can log in from home (being on-call and/or working flexible), from (one of) the office(s) and in some cases when on-the-road....... And even if the environment is set up to have access from one specific machine, you cannot find out who/what actually gave the login credentials. |
There is software that tracks things like keyboard usage to determine if a user is the same as previously. Needs to learn but apparently doesn't take much.
Sites with high security clearance use this sort of thing. Not sure if an open source alternative is available. |
Quote:
|
Hi,
Quote:
I'm assuming you are talking about the last sentence (And even if the environment is ....), which seems to be a more specific case of your "And IF they should be logging in from the same machine"... |
try the command "finger"
You will get the number of users logged in to the server from different machine. Person's who are all logged into the server with same name but with different client IP should be considered as shared account. You can write your own perl/python scripts to parse the output of the finger command. Best Regards, |
Quote:
|
All times are GMT -5. The time now is 01:30 AM. |