Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!samsung!aplcen!haven!adm!smoke!gwyn
From: gwyn@smoke.BRL.MIL (Doug Gwyn)
Newsgroups: comp.unix.questions
Subject: Re: Query on speed of crypt(3)
Keywords: crypt security password
Message-ID: <11885@smoke.BRL.MIL>
Date: 5 Jan 90 03:08:40 GMT
References: <1989Dec14.195944.16931@ncsuvx.ncsu.edu> <3364@rti.UUCP> <235@tnl.UUCP>
Reply-To: gwyn@brl.arpa (Doug Gwyn)
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 8

In article <235@tnl.UUCP> norstar@tnl.UUCP (Daniel Ray) writes:
>The key to password security (assuming we stay with a crypt(3)-type
>hashing scheme with shorter length passwords) seems to be having a unique
>scheme for each machine.

No, a much simpler and better solution is to keep the encrypted passwords
unreadable (except of course to specific privileged programs that perform
password validation etc.).
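
An audit for the condition the reply above recommends, as an added example that is not part of the original post: it lists accounts whose encrypted password still sits in a passwd-format file and checks whether a hash file is readable by everyone. The function names, the placeholder set and the sample data are assumptions made for this example.

```python
import os
import stat

# Assumed field-2 markers meaning "no hash stored in this file".
PLACEHOLDERS = {"x", "*", "!", "!!", "*LK*"}

# Constructed sample in passwd(5) layout; "abCONSTRUCTED" stands in for a
# 13-character crypt(3) result and is not a real hash.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/:/usr/sbin/nologin
alice:abCONSTRUCTED:1001:1001:Alice:/home/alice:/bin/sh
bob:x:1002:1002:Bob:/home/bob:/bin/sh
"""

def exposed_hashes(passwd_text):
    """Return account names whose encrypted password is in the readable file."""
    exposed = []
    for line in passwd_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7:
            continue  # not a complete passwd record
        name, pw = fields[0], fields[1]
        # An empty field means no password at all: a separate problem.
        if pw and pw not in PLACEHOLDERS:
            exposed.append(name)
    return exposed

def world_readable(path):
    """True if users other than the owner and group can read the file."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)

if __name__ == "__main__":
    print("hashes in readable file:", exposed_hashes(SAMPLE_PASSWD))
    for path in ("/etc/passwd", "/etc/shadow"):
        if os.path.exists(path):
            print(path, "world-readable:", world_readable(path))
```

Group read access is deliberately not flagged, since some systems grant it to the privileged programs that validate passwords.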