09-22-2011
Quote:
Originally Posted by
bakunin
This means that every password has one and only one hash value, but not every hash value has exactly one password. Several passwords can have the same hash value.
This might be the case here.
Naturally password hashes have to be surjective, if information wasn't lost you could make an algorithm to convert hashes back to plaintext.
One hash fits more than one password, in theory, but the odds of finding
the a second one are very remote. The odds of the second being anything sensible are also remote -- more likely it'd be untypable garbage.
Last edited by Corona688; 09-22-2011 at 02:07 PM..
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
I cud find entries for user's named nobody and noaccess in the passwd file in the Unix system in which I am working ... I have seen entries for these in other systems too ....
What is the significance for nobody and noaccess ... ?? Anything special ?? Can anyone help ??
Thanks &... (1 Reply)
Discussion started by: Sabari Nath S
1 Replies
2. UNIX for Dummies Questions & Answers
From what I have read it possible to create a new group by editing the etc/group and etc/passwd in UNIX two files but a non-experienced user may face many problems such as destroying the file by mistake ot that his changes to these file does not make any difference.
However, there is this... (2 Replies)
Discussion started by: whatev3r
2 Replies
3. UNIX for Dummies Questions & Answers
Thanks
AVKlinux (11 Replies)
Discussion started by: avklinux
11 Replies
4. Solaris
i wonder if there is a tool to read the /etc/passwd or /etc/shadow files in order to reset user accounts to the same one.
By moving (restore) all filessytem and data to another same Sun box, none of the users are able to logon to the new box which i didn't change nothing. But if i reset the user... (1 Reply)
Discussion started by: lamoul
1 Replies
5. UNIX for Advanced & Expert Users
I'm trying to make this work, and it half works. Accounts with password hashes matching the old crypt(3) algorithm work just fine:
JUpfW/w6jo6aw
But accounts with longer password hashes preceded by $1$, such as the following, do not work:
$1$iIcbppdP$HDyjJeVMGgJ.ovLsnjtTR.... (0 Replies)
Discussion started by: davidstvz
0 Replies
6. Solaris
Hi Folks,
I have Solaris 10, latest release.
We have passwd aging set in /etc/defalut/passwd.
I have an account that passwd should never expire. Acheived by emptying associated users shadow file entries for passwd aging.
When I reset the users passwd using passwd command, it re enables... (3 Replies)
Discussion started by: BG_JrAdmin
3 Replies
7. Solaris
Hi , can anyone explain me the difference between /etc/shadow and /etc/default/passwd . As per my knowledge both the files are used for password aging and control parameters. (2 Replies)
Discussion started by: rogerben
2 Replies
8. Solaris
Hi all..
I moved the /etc/shadow and /etc/shadow files to /tmp and then rebooted my PARC machine running 5.10. I did it to see if I could recover from single user mode.
But, I forgot to enable the abort key-sequence which I earlier disabled.
Stuck!
One of my gurus told I had to... (9 Replies)
Discussion started by: satish51392111
9 Replies
9. Solaris
Hi,
I have a Solaris 10 box where password aging is not functioning properly. Using the passwd command with the -l or -u options causes the lastchg field in the /etc/shadow file to be modified. Therefore, if a user's password is set to expire in 90 days and they are 1 day away, all they have... (4 Replies)
Discussion started by: cschar
4 Replies
10. Shell Programming and Scripting
I am running the ETL job to passing the database username,pssswd positional arguments to shell script (bash) and how can we suppress/hide the password from ps command. (2 Replies)
Discussion started by: pimmit22043
2 Replies
LEARN ABOUT PHP
password_needs_rehash
PASSWORD_NEEDS_REHASH(3) 1 PASSWORD_NEEDS_REHASH(3)
password_needs_rehash - Checks if the given hash matches the given options
SYNOPSIS
boolean password_needs_rehash (string $hash, integer $algo, [array $options])
DESCRIPTION
This function checks to see if the supplied hash implements the algorithm and options provided. If not, it is assumed that the hash needs
to be rehashed.
PARAMETERS
o $hash
- A hash created by password_hash(3).
o $algo
- A password algorithm constant denoting the algorithm to use when hashing the password.
o $options
- An associative array containing options. See the password algorithm constants for documentation on the supported options for
each algorithm.
EXAMPLES
Example #1
Usage of password_needs_rehash(3)
<?php
$password = 'rasmuslerdorf';
$hash = '$2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS';
// The cost parameter can change over time as hardware improves
$options = array('cost' => 11);
// Verify stored hash against plain-text password
if (password_verify($password, $hash)) {
// Check if a newer hashing algorithm is available
// or the cost has changed
if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) {
// If so, create a new hash, and replace the old one
$newHash = password_hash($password, PASSWORD_DEFAULT, $options);
}
// Log user in
}
?>
RETURN VALUES
Returns TRUE if the hash should be rehashed to match the given $algo and $options, or FALSE otherwise.
PHP Documentation Group PASSWORD_NEEDS_REHASH(3)