Subject: Re: Max MD5 password length?
To: Dave Huang <>
From: gabriel rosenkoetter <>
List: current-users
Date: 11/10/2001 04:58:28
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Nov 10, 2001 at 03:49:45AM -0600, Dave Huang wrote:
> I know the maximum useful password length with old style crypt()
> passwords is 8 characters. What's the max for MD5 passwords? (Or is
> there not one?)

md5 goes from an arbitray length to a 128-bit message digest. Since
the output size is what matters for storage in /etc/master.passwd
(and it's always the same), you should be able to use however long
a password you like, provided it doesn't bump up against the end
of a buffer in login(1) or passwd(1). (It'll still get turned into
the same length digest, of course.)

       ~ g r @

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see