[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC: A UNIX crypt(3) replacement

To: [email protected] (The Deviant)
Subject: Re: RFC: A UNIX crypt(3) replacement
From: Adam Shostack <[email protected]>
Date: Sun, 17 Nov 1996 09:32:49 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]> from The Deviant at "Nov 17, 96 02:17:04 pm"
Sender: [email protected]

The Deviant wrote:
| On Sat, 16 Nov 1996, Joshua E. Hill wrote:
| > 	I'm trying to think of a function to replace UNIX's crypt(3).  
| > My design criteria are as follows:

| Why? UNIX passwords with password shadowing are as secure as any password
| system is going to get.  If your security holes are with passwords, its
| because your admin is to lazy to install needed security provissions, not
| because the system of checking passwords is bad.

	A longer salt would make running crack against a large
password file slower.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

Follow-Ups:
- Re: RFC: A UNIX crypt(3) replacement
  - From: The Deviant <[email protected]>

References:
- Re: RFC: A UNIX crypt(3) replacement
  - From: The Deviant <[email protected]>

Prev by Date: Re: RFC: A UNIX crypt(3) replacement
Next by Date: Re: AGA'S LIMITED VOCABULARY
Prev by thread: Re: RFC: A UNIX crypt(3) replacement
Next by thread: Re: RFC: A UNIX crypt(3) replacement
Index(es):
- Date
- Thread