From owner-freebsd-security Mon Jun 14 20:29:40 1999 Delivered-To: freebsd-security@freebsd.org Received: from phoenix (phoenix.aye.net [198.7.192.5]) by hub.freebsd.org (Postfix) with SMTP id 1B82A14DBF for ; Mon, 14 Jun 1999 20:29:38 -0700 (PDT) (envelope-from barrett@phoenix.aye.net) Received: (qmail 2320 invoked by uid 1000); 15 Jun 1999 03:29:12 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 15 Jun 1999 03:29:12 -0000 Date: Mon, 14 Jun 1999 23:29:12 -0400 (EDT) From: Barrett Richardson To: Holtor Cc: freebsd-security@freebsd.org Subject: Re: DES & MD5? In-Reply-To: <19990615025002.24925.rocketmail@web105.yahoomail.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 14 Jun 1999, Holtor wrote: > > Hello guys. I've been using DES on all my servers > but i'm thinking of converting to MD5 since it > seems to be more secure? > The key space is much larger. If users were forced to require passwords at least nine characters in length that would make it tougher on password cracking programs. > I know that its not an easy change, probably even > an impossible one...can anyone point me in a good > direction? You might could change the name of crypt in libdes.a to something like crypt_des() and then hack crypt() to fall back to crypt_des() if it does not get fed a salt beginning with "$1$". > > Also any input on which is better and why would > be appreciated aswell. > > Thanks, > Holt > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message