Re: Password security

From: Dag-Erling Smorgrav (
Date: 06/20/02

To: "Eric F Crist" <>
From: Dag-Erling Smorgrav <>
Date: 20 Jun 2002 10:44:32 +0200

"Eric F Crist" <> writes:
> What I failed to point out was that, if you're using FreeBSD, which I
> assume you as you're posting to this group, the FreeBSD login utility
> still only recognizes 8 character passwords, unless you've changed that.

Wrong. The 8-character limit was imposed by the traditional DES-based
password hashing algorithm, not by login(1). By default, FreeBSD uses
an MD5-based hash, and supports passwords of arbitrary length.


Dag-Erling Smorgrav -
To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message