05-27-2001
The UNIX password encryption algorithm is a 'one way' mathematical function. 'One way' means there is encryption, but no decryption possible. As MIB and 98 say, the only way to search for passwords is to encrypt passwords and compare them to the encrypted string.
This is why picking simple dictionary words as passwords is weak, because password cracking programs use an internal dictionary to encrypt and compare.
One way passwords, BTW, has limited long term usefulness. With computing power and storage prices dropping, there will come a time in the near future when it is possible for people to encrypt all possible combinations (with the salt) and query the database directly with the encrypted string. With an 8 token limitation, this is becoming closer to reality each year.
10 More Discussions You Might Find Interesting
1. Solaris
I need to recover root password on a test server (E 10k) running solaris 9. Can someone please tell me how to do this? (1 Reply)
Discussion started by: nitinkgoud
1 Replies
2. Solaris
How to recover root password in solaris, I forgot root password.
thanks in advance (2 Replies)
Discussion started by: durgaprasadr13
2 Replies
3. Solaris
Dear All,
I have lost my data backup server's root password, just have a normal login username and password ..but i need to get back my root passwd....any1 can help me out plz :confused: (7 Replies)
Discussion started by: abir
7 Replies
4. Windows & DOS: Issues & Discussions
HI,
Can anybody tell me..about recovering windows administrator password in case of Forget it.
Now in Unix OS and any database,there is a fascility of recovering root/admin password....
Can window provide any such kind of fascility?....Also tell me any other normal users password recovery... (5 Replies)
Discussion started by: jagdish.machhi@
5 Replies
5. Solaris
Dear all
I have two doubts please clarify my doubt with clear steps
1. As a admin i forget my password how could i know whats my password.
2. If someone change my password how could i rectify that
Please give me reply. with clear steps (0 Replies)
Discussion started by: suneelieg
0 Replies
6. Solaris
Dear All Users
I have two doubts please any one clarify my doubts
1. In solaris As a admin i've forget my password so how could i know whats my password
2. if someone change my password so how could i rectify my password.
Please can anyone solve my doubt with clear steps (2 Replies)
Discussion started by: suneelieg
2 Replies
7. Solaris
How can I recover root password :wall:
1) I am running Solaris 10 (X86) through VMware for practicing.
2) I was practicing root password recovery and deleted the password in /etc/shadow file.
3) Neither cant login the to the CLI nor Console
4) Selected the Soalris X86 failsafe in... (4 Replies)
Discussion started by: vijaykrishna
4 Replies
8. Red Hat
Hello forum members,
Please help me to recover the root password. i can login with the user in redhat linux but i forget root password. so pleas help me to recover.
advance thanks
siva. (2 Replies)
Discussion started by: workforsiva
2 Replies
9. UNIX for Dummies Questions & Answers
Hi,
We forgot the root password on SuSE version 10 server. Since I didn't have SuSE DVD, I started the server using Redhat. I updated /etc/shadow and removed the root password.
I then started the server and I still can't login using root. Any idea?
One more question, on Novell web... (6 Replies)
Discussion started by: samnyc
6 Replies
10. Forum Support Area for Unregistered Users & Account Problems
Hi team,
My Member Id is : 'Nila' and I forgot my password. I have tried to recover it from "Forgotten your password" link. But its not accepting my mail id which is valid. (nila.shanthi@gmail.com).
Please help me to recover/change my password to login.
Regards
Vennila (1 Reply)
Discussion started by: Vennila
1 Replies
CRYPT(3) Library Functions Manual CRYPT(3)
NAME
crypt, setkey, encrypt - DES encryption
SYNOPSIS
char *crypt(key, salt)
char *key, *salt;
setkey(key)
char *key;
encrypt(block, edflag)
char *block;
DESCRIPTION
Crypt is the password encryption routine. It is based on the NBS Data Encryption Standard, with variations intended (among other things)
to frustrate use of hardware implementations of the DES for key search.
The first argument to crypt is normally a user's typed password. The second is a 2-character string chosen from the set [a-zA-Z0-9./].
The salt string is used to perturb the DES algorithm in one of 4096 different ways, after which the password is used as the key to encrypt
repeatedly a constant string. The returned value points to the encrypted password, in the same alphabet as the salt. The first two char-
acters are the salt itself.
The other entries provide (rather primitive) access to the actual DES algorithm. The argument of setkey is a character array of length 64
containing only the characters with numerical value 0 and 1. If this string is divided into groups of 8, the low-order bit in each group
is ignored, leading to a 56-bit key which is set into the machine.
The argument to the encrypt entry is likewise a character array of length 64 containing 0's and 1's. The argument array is modified in
place to a similar array representing the bits of the argument after having been subjected to the DES algorithm using the key set by
setkey. The edflag flag is ignored; the argument can only be encrypted.
SEE ALSO
passwd(1), passwd(5), login(1), getpass(3)
BUGS
The return value points to static data whose content is overwritten by each call.
7th Edition August 12, 1986 CRYPT(3)