Mailinglist Archive: opensuse-security (109 mails)

< Previous Next >
Re: [suse-security] password history
  • From: Ariel Sabiguero Yawelak <asabigue@xxxxxxxxxxx>
  • Date: Mon, 27 Mar 2006 14:48:59 -0300
  • Message-id: <4428258B.8050508@xxxxxxxxxxx>
Don't forget the salt... (asuming classic Unix passwd storing mechanism) or newer mechanisms.

Just try to change the password twice and look at it.


suse@xxxxxxxxxxxx wrote:
What about storing the **encrypted** passwords in a database, such as mysql, with a column indicating when it was first stored there? Then you can write a script to check the validity of the password.


In theory, theory and practice are the same;
in practice they are not.

< Previous Next >