Date: Sat, 16 Apr 2005 12:31:45 +0200 From: Anthony Atkielski <atkielski.anthony@wanadoo.fr> To: freebsd-questions@freebsd.org Subject: Encryption of login passwords--where and how is it done? Message-ID: <1197988274.20050416123145@wanadoo.fr>
next in thread | raw e-mail | index | archive | help
Where's the actual code that accepts the input of a password and/or encrypts it? I looked in login.c, but that only seems to call PAM or something; from that point on, I wasn't sure where to look. I'm especially interested in knowing how a very long password (up to the FreeBSD limit of, I think, 128 characters) is hashed and mashed into an encrypted password, but I'm also generally interested in the whole process. I'd like to think that a 128-byte password consisting of random words and special characters would be just as secure as a shorter, completely random password, but that's only true if FreeBSD is hashing the entire 128-byte string in some cryptographically secure way in order to produce an encrypt password that is a function of every bit of the plaintext password. -- Anthony
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1197988274.20050416123145>