Re: Security trough paranoia
On Sat, Mar 31, 2001 at 04:34:20PM +0200, Arthur Korn wrote:
> Ben Gertzfield schrieb:
> > How exactly are you proposing to keep change shadow passwords back and
> > forth from MD5 without having the user re-input every password?
> >
> > This is Very Hard to Do. :)
>
> The switch from crypt to md5 is not that hard, given
> sufficiently bad passwords (which _many_ users have). :)
Is there any (currently implemented) way to switch from crypt to md5,
supporting crypt passwords already in the database, but adding new passwords
using md5? This would allow administrators to make a smooth transition.
--
- mdz
Reply to: