-----BEGIN PGP SIGNED MESSAGE----- Much ado about nothin', i think. Roman is right. If an attacker has access to your encrypted password there's nothing to worry about, you've been hacked. I one sets up a good security policy (tcp wrappers, firewall, user acces) there's nothing to worry about cracked passwords. Using something like shadow works just fine. You could even set up a plain text password file instead of crypt, md5, blowfish and others. Please, do add an "IMHO" at the begining of each sentence. - --- Bogdan Zapca System Administrator SC EcoSoft SA Internet Service Provider 1-7 Deva st, Cluj-Napoca, Romania Tel: +40 64 199696 PGP: http://www.itotal.ro/lupe@admin2.ecosoft.ro.pgp http://www.ecosoft.ro -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBOZrKadPv6ylvTc6pAQFtFgP/RTamR0d/+lUzEetBWc70lVY/DLlEB5Cz r1R6ii0gWuaN/tfTz86rTzpfohj8+vZvn6zqbOqWU2N6UVgDc1048nHpRJX5kEhy pDMrIEuJOPpLIYrPLYy6wXPbuJHHpdXjeOSnrhfjEAfSmhkaWgQCcN3/MVFhqm2U OnfYADpnYZY= =SwIT -----END PGP SIGNATURE-----