We've had some internal security audits recently and it has been requested that we log password modifications to all local accounts on our macs. is there a way to fetch this from a log somewhere?
Question
Query occurrence of password modification on account
+7+7Just in case anyone else needs to do this... The closest I got to this was by looking at /var/log/accountpolicy.log
It show something like this.. PasswordChangeAllowed completed: record "bobbydigital", result: Success (0)
There doesn't seem to be much of anything else I can do besides modify /etc/pam.d/passwd and somehow make it generate a more detailed log for when a local account password gets changed. Hopefully this is not what the mandaters mandate.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.