
Re: wish list



Cristiano Lincoln Mattos enscribed thusly:

> On 6 Jun 1999, Brandon Craig Rhodes wrote:

> > Off the top of my head (and some (perhaps all, for all I know) of
> > these wishes have already appeared elsewhere):
> >     o	MD5 shadow passwords by default.

> Hi,

> 	What is the advantage of MD5 shadow passwords, over normal
> UNIX crypt()?  

	At the very least...  Long passwords...  The use of UNIX crypt,
which uses DES to create a hash function, limits passwords to 8 characters
in standard form or 16 characters in an expanded form that was available
in the original shadow password suite.  MD5 hashes allow for larger
passwords without giving away hints to the password length.

	Some would also argue that MD5 hashes are harder to brute force than
DES passwords.  I'm not totally sure that's a valid claim or, even if it was,
that it's significant enough to warrant MD5 over DES.  One thing is for sure,
DES (aka Unix crypt) offers nothing over MD5 with the possible exception of
password file portability.  (But we are talking SECURE distributions here -
right?)

> Cristiano Lincoln Mattos			   Recife / Brazil


	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/
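
Added example, not part of the original message: a short Python audit that reports which accounts in shadow-format text still use traditional DES crypt(), plus a helper showing why that scheme ignores everything past the 8th character. The sample entries and their hash strings are constructed placeholders, and the function names are this example's own.

```python
import re

# Traditional DES crypt(3) output: 2 salt chars + 11 hash chars from this alphabet.
DES_FIELD = re.compile(r"^[./0-9A-Za-z]{13}$")

def des_crypt_key(password: str) -> bytes:
    """Key material traditional crypt() takes from a password.

    Only the low 7 bits of the first 8 bytes are used (56-bit DES key);
    each is shifted left because DES keeps a parity bit in bit 0.
    """
    raw = password.encode("utf-8")[:8].ljust(8, b"\0")
    return bytes((b & 0x7F) << 1 for b in raw)

def classify(field: str) -> str:
    """Name the hashing scheme of a shadow password field."""
    if field.startswith("$1$"):
        return "md5-crypt"
    if DES_FIELD.match(field):
        return "des-crypt"
    if field == "" or field[0] in "!*":
        return "locked-or-empty"
    return "other"

def audit(shadow_text: str) -> dict:
    """Map each account in shadow-format text to its scheme."""
    result = {}
    for line in shadow_text.splitlines():
        if line.strip() and not line.startswith("#"):
            user, field = line.split(":")[:2]
            result[user] = classify(field)
    return result

# Constructed sample entries; the hash strings are placeholders, not real hashes.
SAMPLE_SHADOW = """\
alice:abCDEFGHIJKLM:10748:0:99999:7:::
bob:$1$saltsalt$AAAAAAAAAAAAAAAAAAAAAA:10748:0:99999:7:::
daemon:*:10748:0:99999:7:::
"""

if __name__ == "__main__":
    for user, scheme in audit(SAMPLE_SHADOW).items():
        print(f"{user}: {scheme}")
    # Everything past the 8th character is ignored by DES crypt.
    print(des_crypt_key("correcthorse") == des_crypt_key("correcthbattery"))
```

Accounts reported as `des-crypt` are the ones whose passwords are effectively capped at 8 characters and should be rehashed at the next password change.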