[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Password policy.


On Tue, Nov 13, 2018 at 01:37:22PM -0500, Jude DaShiell wrote:
> It's not even adequate against rainbow table hash attacks and hasn't
> been for several years by now either.

That's why they using salted hashes for passwords in /etc/shadow for the
last 15 years at least - and it's considered an adequate protection
against Rainbow Tables.
Besides, if the hashing algorithm is that bad that it can be cracked by
Rainbow Tables (the old Unix crypt, for instance) - the password length
is hardly relevant.


Reply to: