10-19-2005
Password safe encryption strength
I'm not sure if this is the right forum for this or not but we use a program called "Password Safe" to store the many root passwords we have for our Unix system.
Now we are being called out by our security team to prove that this is a safe program to use. So far I have been able to determine that this program uses the Blowfish encryption algorithm but cannot determine the strength of the encrytpion. All I have found is that Blowfish uses a 64-bit block cipher and has a variable key length of 32 bits to 448 bits. Does anyone know what strength Password Safe is using?
7 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
In unix, i know the password encrypt by using salt
But how does it work? And how windows protect its password?
Thank you for helping in advance (5 Replies)
Discussion started by: cryogen
5 Replies
2. Cybersecurity
I need to periodically run a check on the passwords of the users (Redhat 5.0) to verify that all passwords meet minimal standards. I remember seeing a script years ago that grabbed the encrypted passwords from the file and checked if they matched any of the encrypted strings in another file, plus... (1 Reply)
Discussion started by: tlynnch
1 Replies
3. UNIX for Dummies Questions & Answers
For moderator: I made a new thread in a proper part of the forum now https://www.unix.com/homework-coursework-questions/137119-user-processes.html
But now i wan't to make something which isn't related to a homework, so i hope
you won't close this one. Thanks to those two answers, you helped me!... (9 Replies)
Discussion started by: petel1
9 Replies
4. Shell Programming and Scripting
Hi, I have a Java app that looks for some parameters in a .properties file such as username and password. However I don't want to leave the password in a text file and I can't modify the app...
Does anyone have some idea about how to encrypt/hide/etc the password so it's not freely accessible... (1 Reply)
Discussion started by: Tr0cken
1 Replies
5. Cybersecurity
Hello, on my android device my app autosaves my password and it encrypts by TLS
im not politically exposed person, just regular entrepreneur. Should i worry if i loose my phone with TLS encrypted password? Or regular mortals or casual hackers are not able to crack it? (4 Replies)
Discussion started by: postcd
4 Replies
6. UNIX for Dummies Questions & Answers
if I change my password on two different servers, using the same string but the encrypted password in /etc/passwd look different.
If I copy an entry from one /etc/password to the other server. I can still log in to both servers using the same password. Only now both /etc/passwd entries are... (2 Replies)
Discussion started by: C0ppert0p
2 Replies
7. Shell Programming and Scripting
I am working on a script where we are using sqlplus command to connect to Oracle DB. But the schemaname and password used for sqlplus authentication, have to be hardcoded in the script.
DBconnection=scott/tiger@SID
sqlplus $DBconnection
Here any user who reads the script can read the... (1 Reply)
Discussion started by: max29583
1 Replies
LEARN ABOUT DEBIAN
text::password::pronounceable
Text::Password::Pronounceable(3pm) User Contributed Perl Documentation Text::Password::Pronounceable(3pm)
NAME
Text::Password::Pronounceable - Generate pronounceable passwords
SYNOPSIS
# Generate a pronounceable password that is between 6 and 10 characters.
Text::Password::Pronounceable->generate(6, 10);
# Ditto
my $pp = Text::Password::Pronounceable->new(6, 10);
$pp->generate;
DESCRIPTION
This module generates pronuceable passwords, based the the English digraphs by D Edwards.
METHODS
new
$pp = Text::Password::Pronounceable->new($min, $max);
$pp = Text::Password::Pronounceable->new($len);
Construct a password factory with length limits of $min and $max. Or create a password factory with fixed length if only one argument
is provided.
generate
$pp->generate;
$pp->generate($len);
$pp->generate($min, $max);
Text::Password::Pronounceable->generate($len);
Text::Password::Pronounceable->generate($min, $max);
Generate password. If used as an instance method, arguments override the factory settings.
HISTORY
This code derived from mpw.pl, a bit of code with a sordid history.
o CPAN module by Chia-liang Kao 9/11/2006.
o Perl cleaned up a bit by Jesse Vincent 1/14/2001.
o Converted to perl from C by Marc Horowitz, 1/20/2000.
o Converted to C from Multics PL/I by Bill Sommerfeld, 4/21/86.
o Original PL/I version provided by Jerry Saltzer.
LICENSE
Copyright 2006 by Best Practical Solutions, LLC.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
See <http://www.perl.com/perl/misc/Artistic.html>
perl v5.10.1 2010-08-16 Text::Password::Pronounceable(3pm)