Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!bu-cs!purdue!decwrl!ucbvax!SEISMO.CSS.GOV!rick
From: rick@SEISMO.CSS.GOV (Rick Adams)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: shadow passwords?
Message-ID: <8811081644.AA20572@beno.CSS.GOV>
Date: 8 Nov 88 16:44:49 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 6

A better implementation of shadow passwords is not to replace
the encrypted password field with * or something obvious, but to
replace it with the correct number of random characters. Let the
wouldbe cracker TRY and decrypt something that isn't encrypted!

--rick