From owner-freebsd-questions Mon Apr 3 22: 6: 1 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.noc0.hsacorp.net (mail1.noc0.hsacorp.net [208.247.171.140]) by hub.freebsd.org (Postfix) with ESMTP id 857B137B6EC for ; Mon, 3 Apr 2000 22:05:53 -0700 (PDT) (envelope-from jconner@enterit.com) Received: from [24.216.177.146] (HELO default.enterit.com) by mail1.noc0.hsacorp.net (CommuniGate Pro SMTP 3.2.3) with ESMTP id 9821843; Tue, 04 Apr 2000 01:05:51 -0400 Message-Id: <4.3.1.2.20000404011055.00d776b0@pseudonet.org> X-Sender: jconner@mail.enterit.com X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Tue, 04 Apr 2000 01:10:59 -0400 To: Bhishan Hemrajani , freebsd-questions@FreeBSD.ORG From: Jim Conner Subject: Re: only 8 chars of password needed to login Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is not a problem with your machine at all. ALL *nix's that I have ever worked with only allow 8 character passwords. This is an old standard. I take back that all *nix's I have ever worked with were limited to only 8 character passwords...I have worked with some that have been tweaked. Most people do not mess with this for backward compatibility. The 8 character passworrd has been adopted from the "old" UNIXes of the day. Its been that way for years. Im not claiming to be all knowledgeable but I am pretty sure I am mostly accurate. Jim At 09:48 PM 4/3/00 -0700, Bhishan Hemrajani wrote: >I have a problem with user's passwords on my >system. I'm not sure if it is an error in my >setting up FreeBSD, or a security hole. > >What happens is, I set a password for a user >that is 10chars long. But, when I login, I can >just enter 8chars and anything after that, or just >the 8chars and it will let me log in. > >This also happens with su and the root password. > >My hunch is that I should use a different >encryption scheme for /etc/master.passwd > >However, I don't know how to do that. > >I am running: >FreeBSD 3.4-RELEASE on a p90. > >When I installed FreeBSD with sysinstall, I told >it "yes" to install the md5 encryption package >(I believe it was md5, I'm not quite sure) >And I installed all the encryption packages >available. > >Please help me solve this problem. > >--bhishan > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Today's errors, in contrast: Windows - "Invalid page fault in module kernel32.dll at 0032:A16F2935" UNIX - "segmentation fault - core dumped" Humanous Beingsus - "OOPS, I've fallen and I can't get up" ------------------------------- Jim Conner NOTJames jconner@enterit.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message