Re: Testing a password

To: Todd Gruhn <tgruhn2%gmail.com@localhost>
Subject: Re: Testing a password
From: Dan LaBell <dan4l-nospam%verizon.net@localhost>
Date: Sat, 1 Aug 2020 12:05:30 -0400

You, probably, don't want to do this.
Those passwords, can be very long,  are for you some
reason running NIS, but not NIS plus?
You're not, trust me, you're not running NIS,
or YP password, where yeah, that was necessary,
because crypto was kept weak, by design, apparently,
or laziness, FTP passwords were sent, and still are,
sent plain text, then there's base 64 web passwords.

So forcing users, to change passwords, when you knew a trainee, ornew hire, or student junior admin, could sniff, with tools, that arewere installed by default, if sun, or digital, unix, then yeah, youdon't admit that, instead, someone checks the password files, andannoys people at the computer.

Ensuring strong passwords, should be a pam module, somehow, imo, ifreally,

you need software enforced compliance.

On Apr 29, 2020, at 6:26 PM, Todd Gruhn wrote:

I found the master password file. The passwords that were set (root,
cvs, my account)
all start with $sha$ -- so the passwords are encrypted using SHA?

If I write a PERL program that checks passwords (cant use crypt),how would I do

this? Any particular modules I need?

References:
- Testing a password
  - From: Todd Gruhn

Prev by Date: Re: mailing lists cannot be searched from the new web pages
Next by Date: using (3rd party) Bluetooth on Raspberry Pi
Previous by Thread: Re: Testing a password
Next by Thread: setting file creation time of a date
Indexes:

Home | Main Index | Thread Index | Old Index