16 Aug
2000
16 Aug
'00
12:53
Kurt Seifried wrote:
Actually it's less then 4096 values:
a-z, A-Z, some other chars, more like 2-3000. This is why you use MD5 passwords (RedHat, etc support it) or Blowfish (OpenBSD). Also using something like MD5 significantly increases the amount of time an attacker needs to brute force the passwords (MD5 is slooooooooow).
-Kurt
To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
A snippet from my manual entry indicates there are 4096 possible salts: : : salt is a two-character string chosen from the set [a-zA-Z0-9./]. This string is used to perturb the algo- rithm in one of 4096 different ways. : Cheers - Les Catterall