disabling root and olpc passwords
ffm
ffm at intserverror.com
Sat Jan 12 22:00:11 EST 2008
On Jan 12, 2008 9:17 PM, Carl-Daniel Hailfinger <
c-d.hailfinger.devel.2006 at gmx.net> wrote:
> If the system notices that passwords
> are similar, there's at least some chance one guy knows another guy who
> then tells someone in upper management that if the system is able to
> find similarities between passwords, they surely are not stored with a
> cryptographically secure hash function.
Not true, since most users are required to enter the old password before
changing their password.
Now if it were to notice that the password you are using now was the same as
6 months ago (assuming change every month) that _would_ indicate poor
security.
-ffm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/devel/attachments/20080112/b0724dd7/attachment.html>
More information about the Devel
mailing list