cifs password length?
Cameron Simpson
cs at zip.com.au
Sat Jan 13 22:50:55 UTC 2007
On 13Jan2007 14:15, Craig White <craigwhite at azapple.com> wrote:
| On Sat, 2007-01-13 at 12:21 -0600, Chris Mohler wrote:
| > Not an answer but - one time I tried mounting my home dir via
| > netatalk, and (much to my surprise) the password entry box on the mac
| > (OS7 - don't ask!) would only let me input 8 chars for the password!
| > Not good, since my passwd is much longer - I had to change it
| > temporarily.
| ----
| agreed and this is a Macintosh issue since I have set up LDAP
| authentication at various clients and have had to shorten passwords for
| Macintosh users
Original UNIX crypt only hashed the first 8 characters of a password.
Making passwords longer gave no added protection, but could supply the
illusion that the password was more secure. If the Mac doesn't or didn't
speak the newer hashes then there's a good argument for constraining the
password length - it ensures people know to get all the hard-to-crackness
into those 8 characters.
(Conversely, Windows passwords are 14 characters, but hashed as two
7-character chunks, individually attackable, so they are even weaker!)
Cheers,
--
Cameron Simpson <cs at zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/
For the people that aim to stop P2P, they have turned a centralized system
like Napster - easily controlled, easily monitored - into a fully
decentralized system in the form of Kazaa, as well as a fragmented ecosystem
of thousands of centralized servers through BitTorrent. This was probably a
bad decision. As the folks on Fark.com say, "chilarity ensues."
- Monkey Methods BitTorrent Paper
http://monkeymethods.org/pubs/is-bittorrent-dead-centralization-analysis.htm
More information about the fedora-list
mailing list