Russ Allbery <rra@debian.org> writes:

> Keys based on user passwords should be fine.

However, I was just reminded that Kerberos password changes with Heimdal similarly use OpenSSL to generate the session key, and therefore password change sessions are subject to the same possible attack by brute-forcing the random session key.

--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>