Date: Fri, 03 Mar 2000 00:08:40 -0800 From: Kuzak <kuzak@kuzak.net> To: freebsd-stable@freebsd.org Subject: Re: Password Length Message-ID: <200003030819.e238Jjp32583@alpha.dgweb.com> In-Reply-To: <20000303074808.1FF40A540C@netcom1.netcom.com> References: <38BF10BF.86D1EA83@duwde.com.br> <Pine.BSF.4.10.10003021939150.15588-100000@tetron02.tetronsoftware.com> <38BF10BF.86D1EA83@duwde.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
Well don't forget that a password of length 8 that is case sensitive and allows for special characters offers something like ~73! permutations which is damn near close to number of atoms estimated to be in the universe.. It should be more than adiquate to simply require your users to not use all one case or just alphanumeric passwords.. just make them include at least one special character.. -Aric ( My One Cent ) > Date: Thu, 02 Mar 2000 22:09:19 -0300 > From: Fabio Dias <duwde@duwde.com.br> > X-Accept-Language: en > Content-Type: text/plain; charset=us-ascii > Sender: owner-freebsd-stable@FreeBSD.ORG > X-Loop: FreeBSD.ORG > Precedence: bulk > X-RULES: lists > > Gene Harris wrote: > > Hi Gene. > > I just noticed today that my passwords are only being checked to a length of 8 > > characters. (By this I mean that I only have to type in the first 8 > > characters of the password. YIKES!) I have minpasswdlen set to 8 in my > > login.conf file for the user profile. I have studied the man chpass, man > > passwd and man login.conf pages. Is there a setting someplace that extends > > the length of the password? This was very unsettling to discover! > Aren't you running crypt+DES ? I bet you are :) > Passwords (without crypt+DES) can be up to_PASSWORD_LEN - 1 (NULL) == > 127 > Indeed, when running crypt+DES, If I'm not wrong, what you've described > is true. > > -- > /* > Fabio Dias / Duwde <duwde@duwde.com.br> > HP & PGP avaible at http://www.duwde.com.br > PGP key (2048 Bits / KeyID 0x6A53EC31) > FP: BB35 50F2 7F83 655D 6B11 F0A2 F8E2 FF3D > */ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200003030819.e238Jjp32583>