Re: Password encryption

To: Debian Users <debian-user@lists.debian.org>
Subject: Re: Password encryption
From: Nathan E Norman <finn@midco.net>
Date: Thu, 4 Nov 1999 08:51:53 -0600 (CST)
Message-id: <[🔎] Pine.LNX.4.10.9911040850140.12214-100000@volta.midco.net>
In-reply-to: <[🔎] 19991103174829.B5652@desktop.ourmanpann.com>

On Wed, 3 Nov 1999, Pann McCuaig wrote:

 : On Thu, Nov 04, 1999 at 00:40, Oliver Elphick wrote:
 : 
 : > Strictly, password encryption is authentication, rather than encryption,
 : > because password encryption is one-way: you cannot decrypt a password.
 : 
 : Well, yes, but . . .
 : 
 : What do you call "discovering" a weak password using the tools created
 : for that purpose?

Reverse engineering - the "tools created for that purpose" simply hash
strings and compare the result to whatever is stored in /etc/passwd (or
hopefully /etc/shdow); once you have a match you have presumably
discovered the password.

--
Nathan Norman
MidcoNet  410 South Phillips Avenue  Sioux Falls, SD
mailto:finn@midco.net           http://www.midco.net
finger finn@home.midco.net for PGP Key: (0xA33B86E9)

Reply to:

References:
- Re: Password encryption
  - From: Pann McCuaig <pann@ourmanpann.com>

Prev by Date: Re: setting the date with date [ Netdate ]
Next by Date: Re: Sources of linux documentation
Previous by thread: Re: Password encryption
Next by thread: html to postscript converter
Index(es):
- Date
- Thread