Re: Password policy.
- Date: Tue, 13 Nov 2018 20:14:41 +0000
- From: Brian <ad44@xxxxxxxxxxxxxxx>
- Subject: Re: Password policy.
On Tue 13 Nov 2018 at 22:00:00 +0300, Reco wrote:
> On Tue, Nov 13, 2018 at 01:37:22PM -0500, Jude DaShiell wrote:
> > It's not even adequate against rainbow table hash attacks and hasn't
> > been for several years by now either.
> That's why they using salted hashes for passwords in /etc/shadow for the
> last 15 years at least - and it's considered an adequate protection
> against Rainbow Tables.
> Besides, if the hashing algorithm is that bad that it can be cracked by
> Rainbow Tables (the old Unix crypt, for instance) - the password length
> is hardly relevant.
Your comments are probably uncontestable. Meanwhile - the OP sits tight
and does not expand on what he wants to defend against. A classic case
of throwing out an idea and sitting back to enjoy the furore without
specifying the conditions he wants fulfilled. Either that of he picks on
one post and goes off at a tangent.