Subject: Re: /etc/passwd.conf
To: None <itojun@iijlab.net>
From: Greg A. Woods <woods@weird.com>
List: tech-security
Date: 08/05/2003 20:45:50
[ On Wednesday, August 6, 2003 at 08:06:30 (+0900), itojun@iijlab.net wrote: ]
> Subject: Re: /etc/passwd.conf 
>
> 	please read this.
> 	http://www.usenix.org/events/usenix99/provos/provos_html/
> 	Niels Provos and David Mazières, "A Future-Adaptable Password Scheme",
> 	1999 USENIX Annual Technical Conference

Before you go about worrying about making the password hash function
more secure you've got to make sure your users cannot choose easily
guessed passwords in the first place:

	http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=10206

I have this code updated and almost integrated into the netbsd-1-6
branch, though I'm hoping to make the host-build part of it properly
endian-independent before I re-publish the patch.

-- 
						Greg A. Woods

+1 416 218-0098                  VE3TCP            RoboHack <woods@robohack.ca>
Planix, Inc. <woods@planix.com>          Secrets of the Weird <woods@weird.com>