[4675] in Kerberos
Software for front-end to kerberos database
daemon@ATHENA.MIT.EDU (Clifford Neuman)
Thu Feb 23 11:00:01 1995
Date: Thu, 23 Feb 1995 07:44:13 -0800
From: Clifford Neuman <bcn@ISI.EDU>
To: dm@das.harvard.edu
Cc: kerberos@MIT.EDU
In-Reply-To: David Mazieres's message of 23 Feb 1995 07:51:19 GMT <3ihepn$k3l@necco.harvard.edu>
Date: 23 Feb 1995 07:51:19 GMT
From: dm@das.harvard.edu (David Mazieres)
Actually, you can do better than crack since the password
hashing doesn't use a salt (99% sure--someone care to prove
me wrong?). Thus, you should be able to check all passwords
at once.
In V5 Kerberos, passwords are salted with the name of the principal.
Though not random, it means that the salting is different for
different users.
~ Cliff
