Re: Default password encryption method.
On Jun 19, 2012 3:16 PM, "Maxim Khitrov" <max@mxcrypt.com> wrote:
>
> On Tue, Jun 19, 2012 at 10:10 AM, ian ivy <sidetripping@gmail.com> wrote:
> > Hello,
> >
> > By default FreeBSD uses MD5 to encrypt passwords. MD5 is believed to be
> > more secure than e.g. DES but less than e.g. SHA512. Currently several
> > major Linux distributions, uses a SHA512 mechanism. Suse Linux also
offers
> > a blowfish.
> >
> > Some Debian based distributions use MD5-based algorithm compatible with
the
> > one
> > used by recent releases of FreeBSD - but mostly this variable (*
> > MD5_CRYPT_ENAB*)
> > is deprecated, and SHA512-based algorithm is used.
> >
> > Of course, in FreeBSD we can change the MD5 for example to BLF,
> > but, it will be not a better solution to use SHA512 by default?
>
> This has been discussed recently in the following thread:
>
> http://lists.freebsd.org/pipermail/freebsd-security/2012-June/006271.html
The FreeBSD Security Team is also looking at (/poking people to look at)
solutions which will improve the the time it takes to brute force passwords
significantly more.
--
Simon
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 3 之 7 篇):