Re: OpenSSH 3.6.1 with PAM

Relevant Pages

• Re: [Full-disclosure] anybody know good service for cracking md5?
  ... Actually dictionary attacks seem to work quite well, ... and/or well known passwords. ... Another idea which seems to be cropping in, is the use of hash ... > i find some sites which says that they can brute md5 ...
  (Full-Disclosure)
• Re: Password aging on Suns with NIS?
  ... coding your own PAM module isn't an option for you ... > sources so they'd be the PAM-aware along with the whole PAM ... to change password. ... passwords and disabling accounts for those that don't. ...
  (comp.security.unix)
• Re: secure login form
  ... For my point of view I'm thinking of using md5 passwords in db. ... If you want the avoid the man-in-the-middle eavesdropping on you: Then you need https, ... If you are afraid the username/password you store in your database is hacked somehow, then it can make sense to store them with an md5 hash, which is one-way encryption indeed. ... (You can propagate the sessionid from http to https via a form, and let the receiving script use that sessionid for its https session. ...
  (comp.lang.php)
• Re: secure login form
  ... For my point of view I'm thinking of using md5 passwords in db. ... If you want the avoid the man-in-the-middle eavesdropping on you: Then you need https, ... If you are afraid the username/password you store in your database is hacked somehow, then it can make sense to store them with an md5 hash, which is one-way encryption indeed. ... (You can propagate the sessionid from http to https via a form, and let the receiving script use that sessionid for its https session. ...
  (comp.lang.php)
• Re: [Full-disclosure] EasyJet is storing user passwords in the clear
  ... Salting makes the biggest difference on large datasets, ... $ openssl speed md5 ... Same for MD5 vs SHA1. ... The problem isn't in the algorithm -- it's in the passwords themselves. ...
  (Full-Disclosure)