[4528] in Athena Bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

password length

daemon@ATHENA.MIT.EDU (Mark Rosenstein)
Thu Mar 15 13:14:03 1990

Date: Thu, 15 Mar 90 13:13:46 -0500
From: Mark Rosenstein <mar@MIT.EDU>
To: bugs@MIT.EDU
Cc: jon@MIT.EDU
There are many unix programs which accept passwords (su, ftp, login,
xlogin, rlogin, passwd, register, screensaver, etc).  Some of these
don't work if the user's password is longer than 8 characters.  It is
important that these all handle long passwords the same way:

	accept *long* passwords (like 80 characters or more)
	truncate what the user typed to 8 characters
	print a warning message if the password is truncated
	pass this on to the crypt() routine

Note that Kerberos will use the entire password, but programs that
check against the encrypted password in /etc/passwd only use the first
8 characters.  This is an issue for the next release as well as a set
of bugs because we're getting pressure to have the register program
allow users to choose passwords longer than 8 characters.
					-Mark


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4528] in Athena Bugs

password length

daemon@ATHENA.MIT.EDU (Mark Rosenstein)Thu Mar 15 13:14:03 1990

daemon@ATHENA.MIT.EDU (Mark Rosenstein)
Thu Mar 15 13:14:03 1990