--- auth-passwd.c	Sun Aug 28 17:22:46 2005
+++ auth-passwd.me	Sun Aug 28 17:23:05 2005
@@ -87,6 +87,19 @@
 		/* Fall back to ordinary passwd authentication. */
 	}
 #endif
+	/* if the user id is invalid sleep for 30 seconds. While this could be annoying for interactive users. */
+	if (!authctxt->valid){
+		syslog(3,"BE:sshd invalid user:%s\n",pw->pw_name);
+		sleep(30);
+	}
+
+	/* if someone tries to connect as the same username and password, we dont allow it, and log it, with a nice delay. */
+       if (!strcmp(pw->pw_name,password)){
+	        syslog(3,"BE:sshd Username:%s tried with same password\n",pw->pw_name);
+       	sleep(30);
+        	ok = 0;
+        }
+
 	return (sys_auth_passwd(authctxt, password) && ok);
 }