Date: Thu, 16 May 2002 15:58:57 -0700 From: Matthew Hunt <mph@astro.caltech.edu> To: Jesper Wallin <z3l3zt@phucking.kicks-ass.org> Cc: pulz@pulz.no, security@FreeBSD.ORG Subject: Re: How secure is a password and how many characters does it allow? Message-ID: <20020516155856.A46782@wopr.caltech.edu> In-Reply-To: <2079.213.112.58.238.1021587760.squirrel@phucking.kicks-ass.org>; from z3l3zt@phucking.kicks-ass.org on Fri, May 17, 2002 at 12:22:40AM %2B0200 References: <007901c1fd27$02f29a10$fa00a8c0@elixor> <2079.213.112.58.238.1021587760.squirrel@phucking.kicks-ass.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 17, 2002 at 12:22:40AM +0200, Jesper Wallin wrote: > How will that effect my security? Isn't it more secure to use 128 characters > instead of 8? Sounds like, if the security was the same the blowfish would > be default or something similar.. What do You recommend? DES is the traditional algorithm, and is probably the default for interoperability with old software and NIS. I've used MD5 for years with no trouble for the longer password support. If you don't run NIS, then I don't think there's any reason to stick with DES. -- Matthew Hunt <mph@astro.caltech.edu> * Inertia is a property http://www.pobox.com/~mph/ * of matter. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020516155856.A46782>