Top Forums UNIX for Dummies Questions & Answers Password safe encryption strength Post 87042 by keelba on Wednesday 19th of October 2005 11:50:39 AM
Password safe encryption strength

I'm not sure if this is the right forum for this or not but we use a program called "Password Safe" to store the many root passwords we have for our Unix system.

Now we are being called out by our security team to prove that this is a safe program to use. So far I have been able to determine that this program uses the Blowfish encryption algorithm but cannot determine the strength of the encryption. All I have found is that Blowfish uses a 64-bit block cipher and has a variable key length of 32 bits to 448 bits. Does anyone know what strength Password Safe is using?
 

Catalyst::Authentication::Credential::Password(3pm)	User Contributed Perl Documentation    Catalyst::Authentication::Credential::Password(3pm)

NAME
       Catalyst::Authentication::Credential::Password - Authenticate a user with a password.

SYNOPSIS
           use Catalyst qw/
             Authentication
             /;

           package MyApp::Controller::Auth;

           sub login : Local {
               my ( $self, $c ) = @_;

               $c->authenticate( { username => $c->req->param('username'),
                                   password => $c->req->param('password') });
           }

DESCRIPTION
       This authentication credential checker takes authentication information (most often a username) and a password, and attempts to validate the password provided against the user retrieved from the store.

CONFIGURATION
           # example
           __PACKAGE__->config('Plugin::Authentication' =>
                       {
                           default_realm => 'members',
                           realms => {
                               members => {

                                   credential => {
                                       class => 'Password',
                                       password_field => 'password',
                                       password_type => 'hashed',
                                       password_hash_type => 'SHA-1'
                                   },
                                   ...

       The password module is capable of working with several different password encryption/hashing algorithms. The one the module uses is determined by the credential configuration.

       Those who have used Catalyst::Plugin::Authentication prior to the 0.10 release should note that the password field and type information is no longer part of the store configuration and is now part of the Password credential configuration.

       class
           The classname used for Credential. This is part of Catalyst::Plugin::Authentication and is the method by which Catalyst::Authentication::Credential::Password is loaded as the credential validator. For this module to be used, this must be set to 'Password'.

       password_field
           The field in the user object that contains the password. This will vary depending on the storage class used, but is most likely something like 'password'. In fact, this is so common that if this is left out of the config, it defaults to 'password'. This field is obtained from the user object using the get() method. Essentially: $user->get('passwordfieldname');

           NOTE: If the password_field is something other than 'password', you must be sure to use that same field name when calling $c->authenticate().

       password_type
           This sets the password type. Often passwords are stored in crypted or hashed formats. In order for the password module to verify the plaintext password passed in, it must be told what format the password will be in when it is retrieved from the user object. The supported options are:

           none
               No password check is done. An attempt is made to retrieve the user based on the information provided in the $c->authenticate() call. If a user is found, authentication is considered to be successful.

           clear
               The password in user is in clear text and will be compared directly.

           self_check
               This option indicates that the password should be passed to the check_password() routine on the user object returned from the store.

           crypted
               The password in user is in UNIX crypt hashed format.

           salted_hash
               The password in user is in salted hash format, and will be validated using Crypt::SaltedHash. If this password type is selected, you should also provide the password_salt_len config element to define the salt length.

           hashed
               If the user object supports hashed passwords, they will be used in conjunction with Digest. The following config elements affect the hashed configuration:

               password_hash_type
                   The hash type used, passed directly to "new" in Digest.

               password_pre_salt
                   Any pre-salt data to be passed to "add" in Digest before processing the password.

               password_post_salt
                   Any post-salt data to be passed to "add" in Digest after processing the password.

USAGE
       The Password credential module is very simple to use. Once configured as indicated above, authenticating using this module is simply a matter of calling $c->authenticate() with an authinfo hashref that includes the password element. The password element should contain the password supplied by the user to be authenticated, in clear text. The other information supplied in the auth hash is ignored by the Password module, and simply passed to the auth store to be used to retrieve the user. An example call follows:

           if ($c->authenticate({ username => $username,
                                  password => $password} )) {
               # authentication successful
           } else {
               # authentication failed
           }

METHODS
       There are no publicly exported routines in the Password module (or indeed in most credential modules.) However, below is a description of the routines required by Catalyst::Plugin::Authentication for all credential modules.

       new( $config, $app, $realm )
           Instantiate a new Password object using the configuration hash provided in $config. A reference to the application is provided as the second argument.

           Note to credential module authors: new() is called during the application's plugin setup phase, which is before the application specific controllers are loaded. The practical upshot of this is that things like $c->model(...) will not function as expected.

       authenticate( $authinfo, $c )
           Try to log a user in. Receives a hashref containing authentication information as the first argument, and the current context as the second.

       check_password( )

perl v5.14.2 2012-04-14 Catalyst::Authentication::Credential::Password(3pm)
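An added example (not part of the module's documentation or code) comparing the stored values produced for the `hashed` and `salted_hash` password types described under CONFIGURATION. With `hashed`, the pre-salt and post-salt come from the realm configuration and are therefore the same for every user; Crypt::SaltedHash instead draws a fresh salt for each stored password. The salt strings, user names, passwords, the helper name `hashed_value` and the hex encoding of the stored value are assumptions made for illustration, and Crypt::SaltedHash must be installed from CPAN.

```perl
#!/usr/bin/perl
# Added illustration; not code from Catalyst::Authentication::Credential::Password.
use strict;
use warnings;
use Digest;               # core module; the 'hashed' type passes password_hash_type to Digest->new
use Crypt::SaltedHash;    # CPAN module; used by the 'salted_hash' type

# Constructed sample values (assumptions, not taken from the page).
my %config = (
    password_hash_type => 'SHA-1',
    password_pre_salt  => 'example-pre-',
    password_post_salt => '-example-post',
);
my %users = ( alice => 'correct horse', bob => 'correct horse' );

# Hypothetical helper: pre-salt, password and post-salt are fed to Digest in
# that order, as the CONFIGURATION text describes for password_type 'hashed'.
# Hex encoding of the result is an assumption for this example.
sub hashed_value {
    my ( $cfg, $password ) = @_;
    my $d = Digest->new( $cfg->{password_hash_type} );
    $d->add( $cfg->{password_pre_salt} // '' );
    $d->add($password);
    $d->add( $cfg->{password_post_salt} // '' );
    return $d->hexdigest;
}

my ( %hashed, %ssha );
for my $name ( sort keys %users ) {
    $hashed{$name} = hashed_value( \%config, $users{$name} );

    # salted_hash: a random 4-byte salt is generated and embedded in the stored string.
    my $csh = Crypt::SaltedHash->new( algorithm => 'SHA-1', salt_len => 4 );
    $csh->add( $users{$name} );
    $ssha{$name} = $csh->generate;

    print "$name hashed      $hashed{$name}\n";
    print "$name salted_hash $ssha{$name}\n";
}

# Same password with a config-wide salt: compare the two users' stored values.
print "hashed values equal:      ", ( $hashed{alice} eq $hashed{bob} ? "yes" : "no" ), "\n";
# Per-password random salt: compare again, then confirm the value still validates.
print "salted_hash values equal: ", ( $ssha{alice} eq $ssha{bob} ? "yes" : "no" ), "\n";
print "bob validates:            ",
    ( Crypt::SaltedHash->validate( $ssha{bob}, $users{bob}, 4 ) ? "yes" : "no" ), "\n";
```

When two accounts share a password, equal `hashed` values show that to anyone who can read the user store, which is the practical difference between a configuration-wide salt and the per-password salt of `salted_hash`.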