From owner-freebsd-security Mon Jan 15 12:16:48 2001 Delivered-To: freebsd-security@freebsd.org Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2]) by hub.freebsd.org (Postfix) with ESMTP id 9E82537B402 for ; Mon, 15 Jan 2001 12:16:27 -0800 (PST) Received: from bsdie.rwsystems.net([209.197.223.2]) (1483 bytes) by bsdie.rwsystems.net via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Mon, 15 Jan 2001 14:14:56 -0600 (CST) (Smail-3.2.0.111 2000-Feb-17 #1 built 2000-Jun-25) Date: Mon, 15 Jan 2001 14:14:54 -0600 (CST) From: James Wyatt To: Peter Jeremy Cc: Brian , David Talkington , security@FreeBSD.ORG Subject: Re: opinions on password policies In-Reply-To: <20010116070124.D91029@gsmx07.alcatel.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 16 Jan 2001, Peter Jeremy wrote: > On 2001-Jan-15 11:41:50 -0800, Brian wrote: > >Don't you need to do special stuff on some unix flavors to allow more than > >8 characters?? > > The `standard' for DES passwords is to allow you to enter long > passwords and just truncate them to 8 characters. As long as > the entered password is consistently truncated, it doesn't matter > that you are remembering a longer password. Sometimes I wish it warned folks. I had a user that had "Welcome2Elvis" for the Sun server named Elvis, "Welcome2Tigger" for the NEC box named Tigger, etc... They really had the same password for all machines when they thought they were unique - and they needed to be. - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message