Date: Thu, 16 May 2002 20:02:42 -0700 (PDT)
From: Paul Herman
To: Matthew Hunt
Cc: Jesper Wallin, freebsd-security@freebsd.org
Subject: Re: How secure is a password and how many characters does it allow?

On Thu, 16 May 2002, Matthew Hunt wrote:

> On Fri, May 17, 2002 at 12:22:40AM +0200, Jesper Wallin wrote:
>
> > How will that affect my security? Isn't it more secure to use 128 characters
> > instead of 8? Sounds like, if the security was the same the blowfish would
> > be default or something similar.. What do You recommend?
>
> DES is the traditional algorithm, and is probably the default for
> interoperability with old software and NIS. I've used MD5 for years with
> no trouble for the longer password support. If you don't run NIS, then
> I don't think there's any reason to stick with DES.
OK, here's a quick rundown, some of which has been stated in this thread already.

    Hash       Max significant password characters
    ------------------------------------------
    DES        8
    MD5        >512K (only tested up to 512K)
    Blowfish   72

MD5 *is* the default in FreeBSD (see /etc/login.conf) unless you use the adduser(8) perl script, which still generates the older DES password hashes.

Also, it was stated that the Blowfish hash is faster. The Blowfish password hash is, in fact, slower. Quick testing shows that the default Blowfish seems to be roughly 50% slower than MD5. This is a Good Thing if you want to protect against brute force guessers. Not only that, the algorithm scales better with time, because you can set the number of iterations for the hash within the salt itself. The default is hardcoded for now to be 2^4=16 in /usr/src/secure/lib/libcrypt/crypt-blowfish.c:crypt_blowfish(), but you can change this "on the fly" and put it in your own /etc/master.passwd by providing the salt yourself:

    bash$ perl -e 'print crypt("secret", "\$2a\$04\$salt")'; echo
    $2a$04$salt............kC2SI.F9h7C15VchgS17zSObA10b/m9d6c.xa
    bash$ perl -e 'print crypt("secret", "\$2a\$06\$salt")'; echo
    $2a$06$salt............kC2SI.pIUU5dNGIJMpP6Fe73WiLDWgq9hZNgO
    bash$ perl -e 'print crypt("secret", "\$2a\$08\$salt")'; echo
    $2a$08$salt............kC2SI.QSKa17W8d4Tf9v/Hxo4DeCxL8Amj7cm

Lastly, all can be used in NIS, provided all OSes can understand the hash (which is probably what Matt meant.) In fact, I've used MD5 in NIS for years now, with mixed Linux and FreeBSD systems. Only recently has RedHat modified their MD5 hash algorithm to include a wider range of characters. :-(

Hope that clears things up,

-Paul.
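As an added illustration of the points above (not part of the original thread), the following script audits master.passwd-style entries: it recognises the three hash formats from the table, reports the maximum significant password characters for each, and decodes the bcrypt cost from the $2a$NN$ prefix into its 2^NN iteration count. The sample entries are constructed; the DES and MD5 fields are placeholders and the hash for root is the $2a$04$ example from the message.

```python
import re

# Maximum significant password characters per hash, from the table in the
# message above (the MD5 figure is "only tested up to 512K", not a hard limit).
MAX_SIGNIFICANT_CHARS = {"DES": 8, "MD5": ">512K", "Blowfish": 72}

# Blowfish (bcrypt) crypt strings carry their cost as $2a$NN$; the hash is
# iterated 2^NN times, so NN is the knob the message describes.
BCRYPT_RE = re.compile(r"^\$2[abxy]?\$(\d\d)\$")

def classify_hash(field):
    """Return (hash_type, bcrypt_cost) for one master.passwd password field."""
    if field in ("", "*") or field.startswith("*LOCKED*") or field.startswith("!"):
        return ("none/locked", None)
    if field.startswith("$1$"):
        return ("MD5", None)
    m = BCRYPT_RE.match(field)
    if m:
        return ("Blowfish", int(m.group(1)))
    if len(field) == 13 and "$" not in field:      # traditional DES crypt(3)
        return ("DES", None)
    return ("unknown", None)

def audit_master_passwd(text, min_cost=4):
    """Summarise each entry: hash type, significant chars, bcrypt work factor."""
    findings = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        user, field = line.split(":")[:2]
        htype, cost = classify_hash(field)
        entry = {"user": user, "hash": htype,
                 "max_chars": MAX_SIGNIFICANT_CHARS.get(htype), "notes": []}
        if htype == "DES":
            entry["notes"].append("only the first 8 password characters count")
        elif htype == "Blowfish":
            entry["iterations"] = 2 ** cost
            if cost < min_cost:
                entry["notes"].append("bcrypt cost %d below minimum %d" % (cost, min_cost))
        findings.append(entry)
    return findings

# Constructed sample master.passwd lines: the root hash is the $2a$04$ example
# from the message; the DES and MD5 fields are made-up placeholders.
SAMPLE = """\
root:$2a$04$salt............kC2SI.F9h7C15VchgS17zSObA10b/m9d6c.xa:0:0::0:0:Charlie &:/root:/bin/csh
legacy:abJnggxhB/yWI:1001:1001::0:0:Old NIS user:/home/legacy:/bin/sh
alice:$1$saltsalt$0123456789abcdefghijkl:1002:1002::0:0:Alice:/home/alice:/bin/sh
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
"""

if __name__ == "__main__":
    for finding in audit_master_passwd(SAMPLE):
        print(finding)
```

Raising min_cost flags entries whose bcrypt salt was written with fewer iterations than your policy requires, which is the per-entry tuning the message describes.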