Date: Thu, 2 Mar 2000 23:48:08 -0800 (PST) From: Mike Harding <mvh@ix.netcom.com> To: freebsd-stable@freebsd.org Subject: Re: Password Length Message-ID: <20000303074808.1FF40A540C@netcom1.netcom.com> In-Reply-To: <38BF10BF.86D1EA83@duwde.com.br> (message from Fabio Dias on Thu, 02 Mar 2000 22:09:19 -0300) References: <Pine.BSF.4.10.10003021939150.15588-100000@tetron02.tetronsoftware.com> <38BF10BF.86D1EA83@duwde.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
Which is a pet peeve of mine - if you upgrade your security, you get far worse password security. Is there a way to jam the passwords into MD5 mode? If not, couldn't a sysctl var or something in /etc/make.conf do this? - Mike H. Date: Thu, 02 Mar 2000 22:09:19 -0300 From: Fabio Dias <duwde@duwde.com.br> X-Accept-Language: en Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-stable@FreeBSD.ORG X-Loop: FreeBSD.ORG Precedence: bulk X-RULES: lists Gene Harris wrote: Hi Gene. > I just noticed today that my passwords are only being checked to a length of 8 > characters. (By this I mean that I only have to type in the first 8 > characters of the password. YIKES!) I have minpasswdlen set to 8 in my > login.conf file for the user profile. I have studied the man chpass, man > passwd and man login.conf pages. Is there a setting someplace that extends > the length of the password? This was very unsettling to discover! Aren't you running crypt+DES ? I bet you are :) Passwords (without crypt+DES) can be up to_PASSWORD_LEN - 1 (NULL) == 127 Indeed, when running crypt+DES, If I'm not wrong, what you've described is true. -- /* Fabio Dias / Duwde <duwde@duwde.com.br> HP & PGP avaible at http://www.duwde.com.br PGP key (2048 Bits / KeyID 0x6A53EC31) FP: BB35 50F2 7F83 655D 6B11 F0A2 F8E2 FF3D */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000303074808.1FF40A540C>