Date: Thu, 10 Jun 1999 09:49:20 -0400 (EDT) From: Bill Vermillion <bill@bilver.magicnet.net> To: freebsd-isp@freebsd.org Subject: Re: Finding what user's previous password was. Message-ID: <199906101349.JAA90294@bilver.magicnet.net> In-Reply-To: <375FB347.678E2667@eclipse.net.uk> from Stuart Henderson at "Jun 10, 1999 1:44:55 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Stuart Henderson recently said: > > > ..or it's still in /var/backups/master.passwd.bak > > However it's encoded. To prove the the user that it had > > not changed you'd neet to take the password the user thinks he > > had an encrypt it with the same salt - otherwise you have one > > chance of 4096 of them matching. > Unless you copy and paste it to the master.passwd file and > get him to try logging in with it :) Unless your master password backup file is older than the date on which the person experienced the problems, you can't guarantee that was the password. If you save the information that the daily reports generate you will have a record when the account was created and when passwords, (or anything else in that users file) was changed. Bill -- bv@wjv.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906101349.JAA90294>