[geeks] IRIX, Passwords over 8 char?
Brian Hechinger
wonko at arkham.ws
Thu Apr 4 00:44:01 CST 2002
On Thu, Apr 04, 2002 at 01:50:53AM -0500, Ethan wrote:
>
> What is the big deal anyways? Who cares if the system accepts more than 8
> character passwords. No body brute forces DES encrypted password hashes...
> Dictionary attacks reveal weak passwords (which users would still
> continue to use even if the system allowed 128 character
> passwords). Assuming you run pwconv, the password file is shadowed. If
> someone is looking at your passwords from the shadow file, they can
> probably dump traffic from the ethernet interfaces, replace the ssh
> binaries, etc.
>
> Unless I'm missing something....
the big deal is that my personal password choices are all over 8 chars, and
it really annoys me that i have to come up with a new password scheme just
for the IRIX box.
-brian
--
"Oh, shut up Buddha." -Jesus Christ (South Park)
More information about the geeks
mailing list