Re: CRYPT

From: Andy Davidoff (dert@concrete.resnet.upenn.edu)
Date: 05/04/95


On Fri, 21 Apr 1995, Katzlberger Thomas wrote:
>  crypt() is a oneway function.
>  This means nobody can decrypt its output.
>  The passwords are compared by crypting the input of the user
>  is and compareing the crypted results.
>  Why does someone want to crack passwords of his users ??
>  Or are you a hacker trying another silly approach.
>  Kilian.

there are several reasons one may want to have access to the passwords of
their users, and i dont feel it's unreasonable or unethical. all users
should be informed, however, that their passwords are accessable by the
sysadmin. noone with an ounce of intelligence will use the same password
on multiple systems if they want to retain any security on their acct. 
cracking crypt is a bit beyond the scope of this list i think, but it's
probably best that he learn how it works; of course he aint a hacker, if
he were, he would have looked in mudpasswd.c and found the call to crypt. 



This archive was generated by hypermail 2b30 : 12/07/00 PST