Re: MD5 passwords

To: Stephen Crowley <crow@debian.org>
Cc: debian-boot@lists.debian.org
Subject: Re: MD5 passwords
From: Ben Pfaff <pfaffben@pilot.msu.edu>
Date: 25 Apr 1999 14:44:38 -0400
Message-id: <[🔎] 877lr07d61.fsf@pfaffben.user.msu.edu>
Reply-to: pfaffben@pilot.msu.edu
In-reply-to: Stephen Crowley's message of "Sun, 25 Apr 1999 13:37:25 -0500"
References: <[🔎] 19990425131358.B18022@stephenc.digitalpassage.com> <[🔎] 8790bg7e4h.fsf@pfaffben.user.msu.edu> <[🔎] 19990425133725.A18153@stephenc.digitalpassage.com>

Stephen Crowley <crow@debian.org> writes:

   > Why?  Is there an advantage to MD5 passwords?  (If this is a FAQ
   > please just point me to the appropriate FM to RT.)

   I guess the question would be, why not? It allows unlimited password length
   and is much harder to crack if someone does happen to get ahold of
   /etc/shadow. 

Do all system utilities support MD5 passwords?  Do they introduce
incompatibilities with other OSes?

I think that this should be brought up on debian-policy or
debian-devel as well: if we don't currently use MD5 passwords by
default, there may be a reason.

Also, it's not possible to convert passwords between MD5 and standard
crypt(), so it's not just a matter of doing something analogous to
`shadowconfig on'/`shadowconfig off' like we have for shadow
passwords.
-- 
"While the Melissa license is a bit unclear, Melissa aggressively
 encourages free distribution of its source code."
--Kevin Dalley <kevin@seti.org>

Reply to:

Follow-Ups:
- Re: MD5 passwords
  - From: Stephen Crowley <crow@debian.org>
- Re: MD5 passwords
  - From: Anthony Towns <aj@azure.humbug.org.au>

References:
- MD5 passwords
  - From: Stephen Crowley <crow@debian.org>
- Re: MD5 passwords
  - From: Ben Pfaff <pfaffben@pilot.msu.edu>
- Re: MD5 passwords
  - From: Stephen Crowley <crow@debian.org>

Prev by Date: Re: MD5 passwords
Next by Date: Re: MD5 passwords
Previous by thread: Re: MD5 passwords
Next by thread: Re: MD5 passwords
Index(es):
- Date
- Thread