Date: Fri, 17 May 2002 01:32:37 +0200 From: =?iso-8859-1?Q?Geir_R=E5ness?= <pulz@pulz.no> To: "Jesper Wallin" <z3l3zt@phucking.kicks-ass.org> Cc: <security@freebsd.org> Subject: Re: How secure is a password and how many characters does it allow? Message-ID: <009501c1fd31$f7b69f10$fa00a8c0@elixor> References: <007901c1fd27$02f29a10$fa00a8c0@elixor> <2079.213.112.58.238.1021587760.squirrel@phucking.kicks-ass.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I would advise you to change realy, blowfish is faster and bether... Also i has bether securety.. Mvh Geir Råness ----- Original Message ----- From: "Jesper Wallin" <z3l3zt@phucking.kicks-ass.org> To: <pulz@pulz.no> Cc: <security@freebsd.org> Sent: Friday, May 17, 2002 12:22 AM Subject: Re: How secure is a password and how many characters does it allow? > Well.. > > How will that effect my security? Isn't it more secure to use 128 characters > instead of 8? Sounds like, if the security was the same the blowfish would > be default or something similar.. What do You recommend? > > > //Jesper Wallin aka Z3l3zT > > > if you look at this article at bsdvault. > > http://bsdvault.net/sections.php?op=viewarticle&artid=89 > > > > You would see that default encryption only support 8 chars. > > > > But you can change to blowfish password, this is an easy job. > > Look at the article and you will se the guide there. > > > > Best regards > > Geir Råness > > > > ----- Original Message ----- > > From: "Jesper Wallin" <z3l3zt@phucking.kicks-ass.org> > > To: <security@freebsd.org> > > Sent: Thursday, May 16, 2002 11:43 PM > > Subject: How secure is a password and how many characters does it > > allow? > > > > > >> Hello. > >> > >> I take the whole story from the begining.. My girl friend is/was > >> running Slackware Linux and wanted to get her webcam working.. After > >> searching for docs/help in about 1 month she decided to install > >> Windows ME (Millenium Edition). Something did go wrong with the > >> install so ext2 file system got messed up.. She removed Linux for some > >> days and is running Windows only > > now.. > >> > >> As many of us know is Windows ME quite unstable and for each program > >> you install you need to reboot.. (why??) After she reconnected to IRC > >> throught mIRC for the 6th time under 10minutes she asked me to give > >> her a shell on > > my > >> box.. Ofcause I created a new user and from now on she's running > >> irssi.. (good girl :) > >> > >> She uses a password which is 10 characters long with both caps, > >> non-caps, numbers and ascii characters.. However she's used to put to > >> small > > passwords > >> together to get a bigger and stronger password.. This password is one > >> of > > the > >> "small" passwords.. > >> > >> She tryed to login on the box with her 10 characters long password > >> which worked (ofcause) .. Now she detected that she was able to login > >> when using > > a > >> phrase looking like [correct-password][junk/another-password].. If she > > start > >> the phrase with the correct password, she is able to login even if she > >> add anything else after the correct password.. For me it looks like a > >> limit of 10 characters passwords.. is this true? > >> > >> I know I havn't seach much help by myown before asking here but I hope > >> someone out there may have an answer on my (wierd) question.. > >> > >> > >> //Jesper Wallin aka Z3l3zT > >> > >> > >> > >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009501c1fd31$f7b69f10$fa00a8c0>