From owner-freebsd-questions  Thu Mar 19 18:18:04 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id SAA27449
          for freebsd-questions-outgoing; Thu, 19 Mar 1998 18:18:04 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from phoenix.welearn.com.au (suebla.lnk.telstra.net [139.130.44.81])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA27427;
          Thu, 19 Mar 1998 18:17:51 -0800 (PST)
          (envelope-from sue2@phoenix.welearn.com.au)
Received: (from sue2@localhost)
	by phoenix.welearn.com.au (8.8.5/8.8.5) id NAA20079;
	Fri, 20 Mar 1998 13:17:21 +1100 (EST)
Message-ID: <19980320131717.53739@welearn.com.au>
Date: Fri, 20 Mar 1998 13:17:17 +1100
From: Sue Blake <sue2@welearn.com.au>
To: Tom <tom@uniserve.com>
Cc: Robert Watson <robert@cyrus.watson.org>,
        Richard Stanaford <richard@cube3.erinet.com>,
        "Randy A. Katz" <randyk@ccsales.com>, questions@FreeBSD.ORG,
        freebsd-stable@FreeBSD.ORG
Subject: Re: Password Characters Not Required???
References: <Pine.BSF.3.96.980319172128.23320A-100000@fledge.watson.org> <Pine.BSF.3.96.980319151824.21872A-100000@shell.uniserve.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.88e
In-Reply-To: <Pine.BSF.3.96.980319151824.21872A-100000@shell.uniserve.com>; from Tom on Thu, Mar 19, 1998 at 03:21:54PM -0800
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, Mar 19, 1998 at 03:21:54PM -0800, Tom wrote:
> 
> On Thu, 19 Mar 1998, Robert Watson wrote:
> 
> > On Thu, 19 Mar 1998, Richard Stanaford wrote:
> > 
> > >   Indeed it is normal.  FreeBSD takes only the first 8 significant
> > > characters and then truncates the rest.  This is not FreeBSD specific. 
> > > BSDI is the same way, along with Solaris and other flavors of Unix, I
> > > believe.   
> > 
> > However, BSD/OS allows you to modify the max password length for
> > userclasses, up to 128 characters I think?  Similarly, the password
> 
>   This is for user entry purposes.  FreeBSD has it to.  It has nothing to
> do with how many password characters might be significant.
> 
> > behavior here is a function of the crypt() used -- with Kerberos, you get
> > whatever the Kerberos behavior is -- it certainly has more significant
> > characters, however.  I would personally like to see change in behavior
> > here, perhaps as a login.conf option similar to BSD/OS.  I don't see one
> > in the -stable login.conf man page, however.
> 
>   md5 also has more significant characters (16 I believe).  In many ways,
> the "secure" (DES) distribution is actually less secure than the default
> md5.

I don't understand this stuff, but I did a braindead-newbie installation of
2.2.2 and I use long passwords because I never heard there was a limit of 8.
The long passwords are very real on my system.

My 43 character password doesn't work if I leave characters off the end.
My 89 character password doesn't work if I omit or change the last
character.

Clearly we are seeing some differences here. If there is a password length
limit it should be documented somewhere handy, especially if installation
decisions affect it. I'm keen to see agreement and then a plain English
summary.

-- 

Regards,
        -*Sue*-

find / -name "*.conf" |more


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message