Date: Thu, 16 May 2002 20:02:42 -0700 (PDT) From: Paul Herman <pherman@frenchfries.net> To: Matthew Hunt <mph@astro.caltech.edu> Cc: Jesper Wallin <z3l3zt@phucking.kicks-ass.org>, <pulz@pulz.no>, <security@FreeBSD.ORG> Subject: Re: How secure is a password and how many characters does it allow? Message-ID: <20020516190531.W23217-100000@mammoth.eat.frenchfries.net> In-Reply-To: <20020516155856.A46782@wopr.caltech.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 16 May 2002, Matthew Hunt wrote:
> On Fri, May 17, 2002 at 12:22:40AM +0200, Jesper Wallin wrote:
>
> > How will that effect my security? Isn't it more secure to use 128 characters
> > instead of 8? Sounds like, if the security was the same the blowfish would
> > be default or something similar.. What do You recommend?
>
> DES is the traditional algorithm, and is probably the default for
> interoperability with old software and NIS. I've used MD5 for years with
> no trouble for the longer password support. If you don't run NIS, then
> I don't think there's any reason to stick with DES.
OK, here's a quick rundown, some of which has been stated in this
thread already.
Hash Max significant password characters
------------------------------------------
DES 8
MD5 >512K (only tested up to 512K)
Blowfish 72
MD5 *is* the default in FreeBSD (see /etc/login.conf) unless you
use adduser(8) perl script, which still generates the older DES
password hashes.
Also, it was stated that the Blowfish hash is faster. The Blowfish
password hash is, in fact, slower. Quick testing shows that the
default Blowfish seems to be roughly 50% slower than MD5. This is
a Good Thing if you want to protect against brute force guessers.
Not only that, the algorithm scales better with time, because you
can set the number of iterations for the hash within the salt
itself. The default is hardcoded for now to be 2^4=16 in
/usr/src/secure/lib/libcrypt/crypt-blofish.c:crypt_blowfish(),
but you can change this "on the fly" and put it in your own
/etc/master.passwd by providing the salt yourself:
bash$ perl-e 'print crypt("secret", "\$2a\$04\$salt") '; echo
$2a$04$salt............kC2SI.F9h7C15VchgS17zSObA10b/m9d6c.xa
bash$ perl-e 'print crypt("secret", "\$2a\$06\$salt") '; echo
$2a$06$salt............kC2SI.pIUU5dNGIJMpP6Fe73WiLDWgq9hZNgO
bash$ perl-e 'print crypt("secret", "\$2a\$08\$salt") '; echo
$2a$08$salt............kC2SI.QSKa17W8d4Tf9v/Hxo4DeCxL8Amj7cm
Lastly, all can be used in NIS, provided all OSes can understand
the hash (which is probably what Matt meant.) In fact, I've used
MD5 in NIS for years now, with mixed Linux and FreeBSD systems.
Only recently has RedHat modified thier MD5 hash algorithm to
include a wider range characters. :-(
Hope that clears things up,
-Paul.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020516190531.W23217-100000>