Re: Password policy.

To: debian-user@lists.debian.org
Subject: Re: Password policy.
From: Reco <recoverym4n@enotuniq.net>
Date: Tue, 13 Nov 2018 22:00:00 +0300
Message-id: <[🔎] E1gMduq-0003m8-FV@enotuniq.net>
In-reply-to: <[🔎] alpine.NEB.2.21.1811131336380.194@panix1.panix.com>
References: <[🔎] E1gMbT7-0001Ge-TB@dalton.invalid> <[🔎] alpine.NEB.2.21.1811131336380.194@panix1.panix.com>

	Hi.

On Tue, Nov 13, 2018 at 01:37:22PM -0500, Jude DaShiell wrote:
> It's not even adequate against rainbow table hash attacks and hasn't
> been for several years by now either.

That's why they using salted hashes for passwords in /etc/shadow for the
last 15 years at least - and it's considered an adequate protection
against Rainbow Tables.
Besides, if the hashing algorithm is that bad that it can be cracked by
Rainbow Tables (the old Unix crypt, for instance) - the password length
is hardly relevant.

Reco

Reply to:

Follow-Ups:
- Re: Password policy.
  - From: Brian <ad44@cityscape.co.uk>

References:
- Password policy.
  - From: peter@easthope.ca
- Re: Password policy.
  - From: Jude DaShiell <jdashiel@panix.com>

Prev by Date: Re: Password policy.
Next by Date: Re: Password policy.
Previous by thread: Re: Password policy.
Next by thread: Re: Password policy.
Index(es):
- Date
- Thread