[8991] in cryptography@c2.net mail archive
Re: Your password must be at least 18,770 char...
daemon@ATHENA.MIT.EDU (Matt Crawford)
Mon Jul 9 19:43:02 2001
Date: Mon, 09 Jul 2001 17:00:33 -0500
From: Matt Crawford <crawdad@fnal.gov>
In-reply-to: "09 Jul 2001 14:55:55 CDT."
<4.3.2.7.0.20010709145331.01d98780@posey.sctc.com>
To: Rick Smith at Secure Computing <rick_smith@securecomputing.com>
Cc: cryptography@wasabisystems.com
Message-id: <200107092200.f69M0XF18511@gungnir.fnal.gov>
I have no Windows source code to judge by, but just looking from the
outside I believe the error arises as follows. When the MIT-based
KDC returns the error code KADM5_PASS_Q_DICT (which it will only do
if your Kerberos admin has inserted a dictionary check, as there is
none by default), the MS password-changing client fishes in
uninitialized memory for some other possible parameters governing the
password selection: the length and history.
(This sheds no light on what it might do if you try a password with
too few character *classes*, which is yet another error code.)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
