Date: Fri, 17 May 2002 00:22:40 +0200 (CEST) From: "Jesper Wallin" <z3l3zt@phucking.kicks-ass.org> To: <pulz@pulz.no> Cc: <security@freebsd.org> Subject: Re: How secure is a password and how many characters does it allow? Message-ID: <2079.213.112.58.238.1021587760.squirrel@phucking.kicks-ass.org> In-Reply-To: <007901c1fd27$02f29a10$fa00a8c0@elixor> References: <007901c1fd27$02f29a10$fa00a8c0@elixor>
next in thread | previous in thread | raw e-mail | index | archive | help
Well.. How will that effect my security? Isn't it more secure to use 128 characters instead of 8? Sounds like, if the security was the same the blowfish would be default or something similar.. What do You recommend? //Jesper Wallin aka Z3l3zT > if you look at this article at bsdvault. > http://bsdvault.net/sections.php?op=viewarticle&artid=89 > > You would see that default encryption only support 8 chars. > > But you can change to blowfish password, this is an easy job. > Look at the article and you will se the guide there. > > Best regards > Geir Råness > > ----- Original Message ----- > From: "Jesper Wallin" <z3l3zt@phucking.kicks-ass.org> > To: <security@freebsd.org> > Sent: Thursday, May 16, 2002 11:43 PM > Subject: How secure is a password and how many characters does it > allow? > > >> Hello. >> >> I take the whole story from the begining.. My girl friend is/was >> running Slackware Linux and wanted to get her webcam working.. After >> searching for docs/help in about 1 month she decided to install >> Windows ME (Millenium Edition). Something did go wrong with the >> install so ext2 file system got messed up.. She removed Linux for some >> days and is running Windows only > now.. >> >> As many of us know is Windows ME quite unstable and for each program >> you install you need to reboot.. (why??) After she reconnected to IRC >> throught mIRC for the 6th time under 10minutes she asked me to give >> her a shell on > my >> box.. Ofcause I created a new user and from now on she's running >> irssi.. (good girl :) >> >> She uses a password which is 10 characters long with both caps, >> non-caps, numbers and ascii characters.. However she's used to put to >> small > passwords >> together to get a bigger and stronger password.. This password is one >> of > the >> "small" passwords.. >> >> She tryed to login on the box with her 10 characters long password >> which worked (ofcause) .. Now she detected that she was able to login >> when using > a >> phrase looking like [correct-password][junk/another-password].. If she > start >> the phrase with the correct password, she is able to login even if she >> add anything else after the correct password.. For me it looks like a >> limit of 10 characters passwords.. is this true? >> >> I know I havn't seach much help by myown before asking here but I hope >> someone out there may have an answer on my (wierd) question.. >> >> >> //Jesper Wallin aka Z3l3zT >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2079.213.112.58.238.1021587760.squirrel>