RE: Password security

From: Eric F Crist (ecrist@adtechintegrated.com)
Date: 06/20/02


From: "Eric F Crist" <ecrist@adtechintegrated.com>
To: "'Dag-Erling Smorgrav'" <des@ofug.org>
Date: Thu, 20 Jun 2002 11:38:33 -0500

My bad, had a serious brain fart this morning. ;)

Eric F Crist
President/Sys Admin
AdTech Integrated Systems, Inc
http://www.adtechintegrated.com

-----Original Message-----
From: des@flood.ping.uio.no [mailto:des@flood.ping.uio.no] On Behalf Of
Dag-Erling Smorgrav
Sent: Thursday, June 20, 2002 9:25 AM
To: Eric F Crist
Cc: 'Ryan Thompson'; 'Bill Moran'; freebsd-security@FreeBSD.ORG
Subject: Re: Password security

"Eric F Crist" <ecrist@adtechintegrated.com> writes:
> So, have you changed the hash from DES to something different? If
not,
> you're still dealing with an 8 character limit. Certainly the length
at
> this point could be considered arbitrary, but only the first 8
> characters count.

To repeat what I wrote in my previous mail: "By default, FreeBSD uses
an MD5-based hash, and supports passwords of arbitrary length."

DES

-- 
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages

  • Re: Password security
    ... have you changed the hash from DES to something different? ... > you're still dealing with an 8 character limit. ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • Re: What is md5sum?
    ... As I recall, the salt was the time stamp, so that would ... ]> Also, for the old Unix des based password, the probability of an overlap ... that recursion in the encryption makes it ... That IS the DES based hash. ...
    (comp.os.linux.setup)
  • Re[2]: Stealing NT passwords through WiFi?
    ... U> include LM hash. ... U> to use MS-CHAP data as an input. ... Any NTLM cracking tool is OK for MS-CHAPv1. ... For DES bruteforcing you can ...
    (Vuln-Dev)
  • howto set MD4 NT Hash in AD and/or Local SAM
    ... Does ANYBODY know how to set the MD4 NT Hash in AD and/or the local SAM??? ... can find and was successful at setting the old DES style password using ... pointless to still offer a way to set the DES password, ...
    (microsoft.public.win2000.active_directory)
  • Re: A New Threat for password hacking
    ... Passwords in RACF db are stored using DES, ... as a hash. ... I used SHA1 for my example since it's the one with the smallest bit ...
    (bit.listserv.ibm-main)