[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Admin/root password security hole

Subject: RE: [cobalt-users] Admin/root password security hole
From: Jonas Pasche <jonas@xxxxxxxx>
Date: Tue Apr 25 03:46:31 2000

hi there,

well,... its not a "real" security hole...
because linux mostly ONLY counts the first 8 entered letters/digits

funny addition... as already pointed out the raq uses only the first 8characters of a password [if you don't use PAM]. but the GUI always sayssomething about a password length "between 3 and 16 characters", so i askedcobalt why the tell us something about 16 characters while only 8 arerecognized. jason from cobalt told me:


"Basically, the reasoning behind the 16 characters is
to encourage people to pick secure passwords.  We do realize that Linux
truncates beyond 8 characters, but it's probably better for users to have
truncated passwords than to have passwords that are too short."

just my $0.02 :-)

cya, jonas.


____________________________________________
Jonas Pasche
Technischer Support

webagentur Domke GmbH

Rheinstr. 3 - 64283 Darmstadt - Germany

Telefon +49 6151 17742-33
Telefax +49 6151 293173

http://www.domke.de

mailto:j.pasche@xxxxxxxx

____________________________________________

Follow-Ups:
- Re: [cobalt-users] Admin/root password security hole
  - From: Dom Latter

Prev by Date: Re: [cobalt-users] need simple answer to Simple Question
Next by Date: Re: [cobalt-users] ASP - PHP
Previous by thread: Re: [cobalt-users] Admin/root password security hole
Next by thread: Re: [cobalt-users] Admin/root password security hole

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index