[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Chicken-hackers] user-information update for OpenBSD
From: |
John Cowan |
Subject: |
Re: [Chicken-hackers] user-information update for OpenBSD |
Date: |
Tue, 19 Jul 2016 12:13:28 -0400 |
User-agent: |
Mutt/1.5.20 (2009-06-14) |
Christian Kellermann scripsit:
> Maybe it makes sense to split out the sensitive information from the
> user-information for all Operating systems and thinking of another set
> of procedures that will produce the credentials. These can then use OS
> specific functions to get at the information.
I'd say, set the passwd field to '*' (which is not the encryption of anything
on any known password scheme) on all systems. *Nobody* should be depending
directly on the value of the encrypted password in 2016.
--
John Cowan http://www.ccil.org/~cowan address@hidden
In might the Feanorians / that swore the unforgotten oath
brought war into Arvernien / with burning and with broken troth.
and Elwing from her fastness dim / then cast her in the waters wide,
but like a mew was swiftly borne, / uplifted o'er the roaring tide.
--the Earendillinwe