|
|
Sponsored Content
Special Forums
Cybersecurity
Why use strong passwords?
Post 302727023 by Neo on Monday 5th of November 2012 01:53:51 PM
|
|
2 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
We ran into a problem because of a shop that uses Windows and UNIX.
The file names that Windows uses have spaces in them. When they get moved to the unix system they still have spaces. This produces a problem in our script that moves them again from one unix system to another. I've made up a... (2 Replies)
Discussion started by: jimcampanella
2 Replies
2. UNIX for Advanced & Expert Users
I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies
LEARN ABOUT OPENSOLARIS
crypt_sha256
crypt_sha256(5) Standards, Environments, and Macros crypt_sha256(5) NAME
crypt_sha256 - password hashing module using SHA-256 message hash algorithm SYNOPSIS
/usr/lib/security/$ISA/crypt_sha256.so DESCRIPTION
The crypt_sha256 module is a one-way password hashing module for use with crypt(3C) that uses the SHA-256 message hash algorithm. The algo- rithm identifier for crypt.conf(4) and policy.conf(4) is 5. This module is designed to make it difficult to crack passwords that use brute force attacks based on high speed SHA-256 implementations that use code inlining, unrolled loops, and table lookup. The maximum password length for crypt_sha256 is 255 characters. The following options can be passed to the module by means of crypt.conf(4): rounds=<positive_number> Specifies the number of rounds of SHA-256 to use in generation of the salt; the default number of rounds is 5000. Negative values have no effect and are ignored. The minimum number of rounds cannot be below 1000. The number of additional rounds is stored in the salt string returned by crypt_gensalt(3C). For example: $5,rounds=6000$nlxmTTpz$ When crypt_gensalt(3C) is being used to generate a new salt, if the number of additional rounds configured in crypt.conf(4) is greater than that in the old salt, the value from crypt.conf(4) is used instead. This allows for migration to stronger (but more time-consum- ing) salts on password change. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Interface Stability |Committed | +-----------------------------+-----------------------------+ |MT-Level |Safe | +-----------------------------+-----------------------------+ SEE ALSO
passwd(1), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt(3C), crypt_gensalt_impl(3C), getpassphrase(3C), crypt.conf(4), passwd(4), pol- icy.conf(4), attributes(5) SunOS 5.11 8 May 2008 crypt_sha256(5)