| commit | 89aac3c7930f8cb4a02c3d25b1e771cd926ef253 | |
| author | Kyle J. McKay <mackyle@gmail.com> | |
| Sat, 27 Jul 2013 01:09:59 +0000 (26 18:09 -0700) | ||
| committer | Kyle J. McKay <mackyle@gmail.com> | |
| Sat, 27 Jul 2013 01:33:38 +0000 (26 18:33 -0700) | ||
| tree | b058ee49b2ec98f96fae950cacf0ecdd866bca18 | treesnapshot (tar.gz zip) |
| parent | 1d1b2a52dacdd07ea0acb252ad338e7de2ffc13c | commitdiff |
passwords: use crypt_sha1 when saving passwords
Previously the crypt function was used to save passwords.
It has a number of drawbacks including only using the first
8 characters of the user-provided password.
Instead use a compatible implementation of the NetBSD
__crypt_sha1 function instead. This allows all characters
of the password to be used and is more resistant to cracking
than the DES-based crypt. The produced values should be
100% compatible with those output by NetBSD's __crypt_sha1().
Existing crypt passwords will continue to recognized but
any new or updated passwords will use crypt_sha1.
Previously the crypt function was used to save passwords.
It has a number of drawbacks including only using the first
8 characters of the user-provided password.
Instead use a compatible implementation of the NetBSD
__crypt_sha1 function instead. This allows all characters
of the password to be used and is more resistant to cracking
than the DES-based crypt. The produced values should be
100% compatible with those output by NetBSD's __crypt_sha1().
Existing crypt passwords will continue to recognized but
any new or updated passwords will use crypt_sha1.
| Girocco/HashUtil.pm | [new file with mode: 0644] | blob |
| Girocco/Project.pm | diffblobblamehistory |