Date: Thu, 16 May 2002 15:03:42 -0700 From: Matthew Hunt <mph@astro.caltech.edu> To: Alfred Perlstein <bright@mu.org> Cc: Jesper Wallin <z3l3zt@phucking.kicks-ass.org>, security@FreeBSD.ORG Subject: Re: How secure is a password and how many characters does it allow? Message-ID: <20020516150342.A43090@wopr.caltech.edu> In-Reply-To: <20020516215348.GB76843@elvis.mu.org>; from bright@mu.org on Thu, May 16, 2002 at 02:53:49PM -0700 References: <1837.213.112.58.238.1021585432.squirrel@phucking.kicks-ass.org> <20020516215348.GB76843@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 16, 2002 at 02:53:49PM -0700, Alfred Perlstein wrote: > All I know is that it seems that only the first eight characters > of a password are signifigant for the hash function used. That should be true of DES passwords, but not MD5. MD5 passwords can be identified by looking in /etc/master.passwd. The password fields (the second field, right after the username) will start with $1$ if MD5 passwords are in use. I think the method of specifying MD5 vs. DES has changes since I learned to do it, so in the interest of keeping my foot out of my mouth I'll just suggest that the original poster consult the Handbook/mailing list archives/etc. -- Matthew Hunt <mph@astro.caltech.edu> * Eight lanes of shimmering cement from http://www.pobox.com/~mph/ * here to Pasadena! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020516150342.A43090>