Re: shadow passwords?

Rick Adams (rick@seismo.CSS.GOV)
Tue, 8 Nov 88 11:44:49 EST

A better implementation of shadow passwords is not to replace
the encrypted password field with * or something obvious, but to
replace it with the correct number of random characters. Let the
wouldbe cracker TRY and decrypt something that isn't encrypted!


This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT