> > This is a result of UNIX crypt (I believe). Standard unix passwords only > > handle the first 8 characters of a password; RH6.0 allows you to install MD5 > > passwords, which can give you additional length, if desired. > > Most Linux distributions do this. > > Anyone relaying on DES passwd encryption these days could be said to > have no passwd encryption at all - the entire legal 1-8 character passwd > space will fit in less than 4Gb, so a determined cracker can fairly > quickly determine what any given crypted password really is. What????????? where do you get 4GB from? there are almost 10^16 legal passwords. PLus you're fogetting the salt which is designed to stop this preencoded dictionary approach.... 4GB maybe - if your users are instructed only to use Numbers.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:03:13 PDT