Re: md5 passwords

To: tech-security%netbsd.org@localhost
Subject: Re: md5 passwords
From: Henri Salo <fgeek%hack.fi@localhost>
Date: Thu, 15 Jan 2009 16:52:09 +0200

On Thu, Jan 15, 2009 at 10:06:43AM +0000, David Holland wrote:
> Given that md5 looks to be pretty shaky by now, should we adjust the
> passwd.conf docs and other such places to deprecate/recommend against
> using md5 passwords?
> 
> If so it would be a good thing to do it before releasing -5...
> 
> -- 
> David A. Holland
> dholland%netbsd.org@localhost

I would say that this should be done. Deprecating is good way to handle
this issue, because MD5 is very weak and no-one should use it anymore
for this purpose.

---
Henri Salo

Follow-Ups:
- Re: md5 passwords
  - From: Steven M. Bellovin

References:
- md5 passwords
  - From: David Holland

Prev by Date: md5 passwords
Next by Date: Re: md5 passwords
Previous by Thread: md5 passwords
Next by Thread: Re: md5 passwords
Indexes:

Home | Main Index | Thread Index | Old Index