[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: md5 hashing on passwords?

From: Andrew Morgan <morgan transmeta com>
To: pam-list redhat com
Subject: Re: md5 hashing on passwords?
Date: Tue, 26 Sep 2000 14:49:10 -0700

Steve Langasek wrote:
> My only concern with this function is that it would still treat (e.g) two
> 128-character passwords with good randomization as too similar if they
> contained the same set of characters.  Still, the proposed change is certainly
> a far sight better than what we currently have, and I don't know of a simple
> way to check if two passwords are too similar (or even a simple way to
> /define/ if they're too similar), so I'm not going to worry too much about it.
> :)

What still concerns me is that a password like:

 thequickbrownfoxjumpsoverthelazydog

would be hard to replace, since this check would basically match most of
any conventional replacment. Any ideas on that?

Cheers

Andrew

Follow-Ups:
- Re: md5 hashing on passwords?
  - From: Solar Designer <solar@false.com>

References:
- Re: md5 hashing on passwords?
  - From: Steve Langasek <vorlon@netexpress.net>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []