RFC: A UNIX crypt(3) replacement
Adam Shostack
adam at homeport.org
Sun Nov 17 06:35:40 PST 1996
The Deviant wrote:
| On Sat, 16 Nov 1996, Joshua E. Hill wrote:
| > I'm trying to think of a function to replace UNIX's crypt(3).
| > My design criteria are as follows:
| Why? UNIX passwords with password shadowing are as secure as any password
| system is going to get. If your security holes are with passwords, its
| because your admin is to lazy to install needed security provissions, not
| because the system of checking passwords is bad.
A longer salt would make running crack against a large
password file slower.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
More information about the cypherpunks-legacy
mailing list