diff --git a/examples/passwd-wrapper.scm b/examples/passwd-wrapper.scm
index 6bd3848..c015349 100755
--- a/examples/passwd-wrapper.scm
+++ b/examples/passwd-wrapper.scm
@@ -87,8 +87,6 @@ Please choose a password with at least 2 character classes.")
 
 ;; *** supported machines ********************************************
 
-;; TODO: cache the results
-
 (define (raise-unsupported-machine)
   (display "I refuse to run on unsupported machines\n" 
 	   (current-error-port))
@@ -182,7 +180,7 @@ Please choose a password with at least 2 character classes.")
 		   "New Password: "
 		   "Re-enter new Password: "
 		   "yppasswd: Sorry, wrong passwd"
-		   "passwd(SYSTEM): They don't match."
+		   (rx "passwd(SYSTEM): They don't match.")
 		   "passwd: password successfully changed"))
       ((linux) (define-passwd program
 		 "Please enter old password:"
@@ -199,13 +197,65 @@ Please choose a password with at least 2 character classes.")
 (define (change-yp-password old-pw new-pw)
   (change-password yppasswd old-pw new-pw))
 
+;; *** Kerberos V interface ******************************************
+
+(define kerberos-v
+  (case system-type
+    ((freebsd) (define-passwd "/afs/wsi/i386_fbsd52/heimdal-1.6/bin/kpasswd"
+		 "Password: "
+		 "New password: "
+		 "Verifying - New password: "
+		 "kpasswd: Password incorrect"
+		 "Verify failure"
+		 "Success"))
+    ))
+    ;;((solaris) (define-passwd "/afs/wsi/sun4x_58/krb5-1.3.1/bin/kpasswd"
+		 ;; TODO))
+
+(define (verify-kerbv-password password)
+  (verify-password kerberos-v password))
+
+(define (change-kerbv-password old-pw new-pw)
+  (change-password kerberos-v old-pw new-pw))
+
+;; *** AFS (Kerberos IV) interface ***********************************
+
+(define afs
+  (case system-type
+    ((freebsd) (define-passwd "/afs/wsi/i386_fbsd52/openafs-cvs/bin/kpasswd"
+		 "Old password: "
+		 (rx "New password (RETURN to abort): ")
+		 "Retype new password: "
+		 ;; Attention: the old password is checked AFTER the
+		 ;; new password is entered! So verify will not work!
+		 "kpasswd: Incorrect old password."
+		 "Mismatch"
+		 "Password changed."))
+    ))
+    ;;((solaris) (define-passwd "/afs/wsi/sun4x_58/openafs-1.2.11/bin/kpasswd"
+		 ;; TODO))
+
+(define (change-afs-password old-pw new-pw)
+  (change-password afs old-pw new-pw))
+
 ;; *** all together **************************************************
 
 (define (verify-old-password pw)
   (verify-yp-password pw))
 
 (define (change-all-passwords old-pw new-pw)
-  (change-yp-password old-pw new-pw))
+  ;; TODO: maybe undo password changes if next changes fail - is
+  ;; difficult because Kerberos passwords need some minutes to become
+  ;; effective
+  (and (change-yp-password old-pw new-pw)
+       (begin
+	 (display "NIS password changed successfully.\n")
+	 ;; TODO: make sure we have a ticket
+	 (and (change-kerbv-password old-pw new-pw)
+	      (begin
+		(display "Kerberos V password changed successfully.\n")
+		(and (change-afs-password old-pw new-pw)
+		     (display "AFS password changed successfully.\n")))))))
 
 (define (ask/check-old-password)
   (let ((old-pw-prompt "Old password: "))