Date: Fri, 14 Feb 1997 08:28:34 -0700 From: Warner Losh <imp@village.org> To: Guido.vanRooij@nl.cis.philips.com (Guido van Rooij) Cc: security@freebsd.org Subject: Re: blowfish passwords in FreeBSD Message-ID: <E0vvPYw-0002eL-00@rover.village.org> In-Reply-To: Your message of "Fri, 14 Feb 1997 10:13:49 %2B0100." <199702140913.KAA25549@bsd.lss.cp.philips.com> References: <199702140913.KAA25549@bsd.lss.cp.philips.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199702140913.KAA25549@bsd.lss.cp.philips.com> Guido van Rooij writes: : It depends. I would very much like it to be compatible with the : OpenBSD stuff. Did they adapt the $<n>$ scheme and allocate a new number? Yes. They are using $2$. : Further, I think we should not adapt to every new password scheme around. : It would make the password system unecessarily complex as we will : have to support every scheme simultaneously. So perhaps first a close : look at the new stuff should be taken. I agree with that statement. However, with people breaking 40 and 48 bit keys in under three weeks now by brute force, a stronger password scheme is needed. I think that this is just such a scheme. I also agree that we should take a close look at this stuff with an eye towards merging it in. The need currently isn't urgent to bring this in, so it can wait a few days/weeks while the code review goes on. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vvPYw-0002eL-00>