[CentOS] 6.2 and login.defs
John Doe
jdmls at yahoo.com
Thu Dec 22 13:32:00 UTC 2011
From: Reindl Harald <h.reindl at thelounge.net>
>> By rehashed I meant 2 layers of hashing...
>> You sha512 the old md5 hash while keeping the knowledge that it was an md5
> hash.
>> So, when the user enters its passwd, it would be md5 hashed and then sha512
> hashed and compared...
> this does not make any sense or differene and would decrase security
> keep in mind that hashes normally contain only [a-z][0-9]
> if you store the knowledge you have no need to convert
> if you have a secure password like "y*!#Anf&%" your hash has
> no longer special-chars and uppercase-letters, hashing this
> again would result in a less secure one with more possible
> collisions
I know all the security implications...
My post was about transparent backward-compatibility.
Anyway, it works.
Thx,
JD
More information about the CentOS
mailing list